What does the (star) integrity axiom mean in the Biba model?
Correct Answer: D
The (star) integrity axiom of the Biba access control model states that an object at one level of integrity is not permitted to modify an object of a higher level of integrity (no write up). Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 5: Security Architectures and Models (page 205).
Question 597
Which of the following is true of network security?
Correct Answer: B
Commercial firewalls are a dime-a-dozen in todays world. Black firewall and whitewall are just distracters.
Question 598
Which of the following is used to find the Media Access Control address (MAC) that matches with a known Internet Protocol (IP) address?
Correct Answer: A
ARP is used to find the Media Access Control address (MAC) that matches with a known Internet Protocol (IP) address. The Address Resolution Protocol (ARP) is a computer networking protocol for determining a network host's link layer or hardware address when only its Internet Layer (IP) or Network Layer address is known Reverse Address Resolution Protocol (RARP) is used to find the IP address that matches an Ethernet address. ICMP is a management protocol and messaging service provider for IP (e.g. PING). UDP runs over IP. It is a best effort protocol that offers no reliability. UDS is used for application such as streaming media, voice over IP, the DNS protocol, as well as the Simple Network Management Protocol (SNMP). Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87. also see: http://en.wikipedia.org/wiki/Address_resolution_protocol
Question 599
Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?
Correct Answer: A
Section: Security Operation Adimnistration Explanation/Reference: The questions specifically said: "within a different function" which eliminate Job Rotation as a choice. Management monitoring of audit logs is a detective control and it would not prevent collusion. Changing passwords regularly would not prevent such attack. This question validates if you understand the concept of separation of duties and least privilege. By having operators that have only the minimum access level they need and only what they need to do their duties within a company, the operations personnel would be force to use collusion to defeat those security mechanism. Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
Question 600
Which of the following is most appropriate to notify an external user that session monitoring is being conducted?
Correct Answer: A
Section: Access Control Explanation/Reference: Banners at the log-on time should be used to notify external users of any monitoring that is being conducted. A good banner will give you a better legal stand and also makes it obvious the user was warned about who should access the system and if it is an unauthorized user then he is fully aware of trespassing. This is a tricky question, the keyword in the question is External user. There are two possible answers based on how the question is presented, this question could either apply to internal users or ANY anonymous user. Internal users should always have a written agreement first, then logon banners serve as a constant reminder. Anonymous users, such as those logging into a web site, ftp server or even a mail server; their only notification system is the use of a logon banner. References used for this question: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 50. and Shon Harris, CISSP All-in-one, 5th edition, pg 873
