Frame relay uses a public switched network to provide:
Correct Answer: C
Section: Network and Telecommunications
Explanation/Reference: Frame relay uses a public switched network to provide Wide Area Network (WAN) connectivity. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 73.
Question 617
CORRECT TEXT Attackers have been known to search through company trash bins in order to collect potentially useful information. This method of attack is known as _________________.
Correct Answer:
diving
Question 618
Which of the following describes the major disadvantage of many Single Sign-On (SSO) implementations?
Correct Answer: A
Explanation/Reference: Single Sign-On is a distributed access control methodology where an individual only has to authenticate once and then has access to all primary and secondary network domains. The individual is not required to re-authenticate when they need additional resources. The security issue this creates is that if a fraudster is able to compromise those credentials, they too have access to all the resources that account has access to. All the other answers are incorrect as they are distractors.
Question 619
Which of the following would be used to implement Mandatory Access Control (MAC)?
Correct Answer: C
The lattice is a mechanism used to implement Mandatory Access Control (MAC).

Under Mandatory Access Control (MAC) you have:
Mandatory Access Control
Under Non-Discretionary Access Control (NDAC) you have:
Rule-Based Access Control
Role-Based Access Control
Under Discretionary Access Control (DAC) you have:
Discretionary Access Control

Lattice Based Access Control is a type of access control used to implement other access control methods. A lattice is an ordered list of elements that has a least upper bound and a greatest lower bound. The lattice can be used for MAC, DAC, integrity levels, file permissions, and more.

For example, in the case of MAC, if we look at common government classifications, we have the following:
TOP SECRET
SECRET -----------------------I am the user at SECRET
CONFIDENTIAL
SENSITIVE BUT UNCLASSIFIED
UNCLASSIFIED

If you look at the diagram above, where I am a user at SECRET, it means that I can access documents at lower classifications but not documents at TOP SECRET. The lattice is a list of ORDERED ELEMENTS; in this case the ordered elements are classification levels. My least upper bound is SECRET and my greatest lower bound is UNCLASSIFIED.

However, the lattice could also be used for integrity levels such as:
VERY HIGH
HIGH
MEDIUM ----------I am a user, process, or application at the MEDIUM level
LOW
VERY LOW

In the case of integrity levels you have to think about TRUST. If I take for example the VISTA operating system, which is based on Biba, then integrity levels would be used. As a user having access to the system I cannot tell a process running with administrative privilege what to do. Otherwise any user on the system could take control of the system by getting a highly privileged process to do things on their behalf. So no read down would be allowed in this case, and this is an example of the Biba model.

Last but not least, the lattice could be used for file permissions:
RWX
RW ---------User at this level
R

If I am a user with READ and WRITE (RW) access privilege, then I cannot execute the file because I do not have execute permission, which is the X under Linux and UNIX.

Many people confuse the Lattice Model, and many books say MAC = LATTICE; however, the lattice can be used for other purposes. There is also Role Based Access Control (RBAC). It COULD be used to simulate MAC, but it is not MAC, as it does not make use of labels on objects indicating sensitivity and categories. MAC also requires a clearance that dominates the object. You can get more info about RBAC at: http://csrc.nist.gov/groups/SNS/rbac/faq.html#03

Also note that many books use the same acronym, RBAC, for both Role Based Access Control and Rule Based Access Control, which can be confusing. The proper way of writing the acronym for Rule Based Access Control is RuBAC; unfortunately it is not commonly used.

References:
There is a great article on TechNet that talks about the lattice in VISTA: http://blogs.technet.com/b/steriley/archive/2006/07/21/442870.aspx
also see: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 33).
and http://www.microsoft-watch.com/content/vista/gaging_vistas_integrity.html
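The three lattices described above (classification levels, integrity levels, and file permissions) can all be checked with the same dominance relation. The following Python is an added example written for this page; it is not code from the Krutz & Vines prep guide or from any product the explanation mentions. It goes one step beyond the chains shown above by giving MAC labels a set of categories as well as a level, which is what makes the structure a true lattice rather than a simple ordered list: a SECRET clearance without the right category does not dominate a CONFIDENTIAL object that carries it. The level names and their order are taken from the explanation; the category names, the subject and object labels, and the function names are constructed for illustration.

```python
"""Lattice-based access control: confidentiality, integrity and permission checks.

Added example for the CISSP lattice explanation; all labels below are constructed.
"""
from typing import Iterable, Tuple

# Level chains from the explanation, lowest to highest.
SENSITIVITY = ("UNCLASSIFIED", "SENSITIVE BUT UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET")
INTEGRITY = ("VERY LOW", "LOW", "MEDIUM", "HIGH", "VERY HIGH")

# A label is (level name, set of category names); categories are an assumed extension.
Label = Tuple[str, frozenset]


class LevelLattice:
    """Labels (level, categories) ordered by dominance over a fixed level chain.

    a dominates b when a's level is at or above b's on the chain AND a's categories
    are a superset of b's. Every pair has a join (least upper bound) and a meet
    (greatest lower bound), which is what makes this a lattice and not just a chain.
    """

    def __init__(self, chain: Iterable[str]):
        self.chain = tuple(chain)
        self.rank = {name: i for i, name in enumerate(self.chain)}

    def label(self, level: str, categories: Iterable[str] = ()) -> Label:
        if level not in self.rank:
            raise ValueError(f"unknown level: {level}")
        return (level, frozenset(categories))

    def dominates(self, a: Label, b: Label) -> bool:
        return self.rank[a[0]] >= self.rank[b[0]] and a[1].issuperset(b[1])

    def join(self, a: Label, b: Label) -> Label:
        """Least upper bound: highest level of the two, union of categories."""
        return (self.chain[max(self.rank[a[0]], self.rank[b[0]])], a[1] | b[1])

    def meet(self, a: Label, b: Label) -> Label:
        """Greatest lower bound: lowest level of the two, intersection of categories."""
        return (self.chain[min(self.rank[a[0]], self.rank[b[0]])], a[1] & b[1])


# Confidentiality (Bell-LaPadula) rules over the sensitivity lattice.
def mac_read_allowed(lat: LevelLattice, clearance: Label, classification: Label) -> bool:
    """Simple security property: no read up. The clearance must dominate the object."""
    return lat.dominates(clearance, classification)


def mac_write_allowed(lat: LevelLattice, clearance: Label, classification: Label) -> bool:
    """*-property: no write down. The object's label must dominate the clearance."""
    return lat.dominates(classification, clearance)


# Integrity (Biba) rules over the integrity lattice: the direction is inverted.
def biba_read_allowed(lat: LevelLattice, subject: Label, obj: Label) -> bool:
    """Simple integrity: no read down. The object must be at or above the subject."""
    return lat.dominates(obj, subject)


def biba_write_allowed(lat: LevelLattice, subject: Label, obj: Label) -> bool:
    """*-integrity: no write up. The subject must be at or above the object."""
    return lat.dominates(subject, obj)


# File permissions form a lattice of subsets of {R, W, X} ordered by inclusion.
def perm_allows(granted: str, requested: str) -> bool:
    """Allowed when the granted set dominates (is a superset of) the requested set."""
    return set(requested) <= set(granted)


if __name__ == "__main__":
    sens, integ = LevelLattice(SENSITIVITY), LevelLattice(INTEGRITY)
    me = sens.label("SECRET")
    print("SECRET reads CONFIDENTIAL:", mac_read_allowed(sens, me, sens.label("CONFIDENTIAL")))
    print("SECRET reads TOP SECRET:  ", mac_read_allowed(sens, me, sens.label("TOP SECRET")))
    print("SECRET reads CONFIDENTIAL{CRYPTO}:",
          mac_read_allowed(sens, me, sens.label("CONFIDENTIAL", {"CRYPTO"})))
    proc = integ.label("MEDIUM")
    print("MEDIUM process reads LOW object:", biba_read_allowed(integ, proc, integ.label("LOW")))
    print("RW user executes file:", perm_allows("RW", "X"))
```

The two policy families differ only in which side must dominate: confidentiality requires the subject to dominate what it reads, integrity requires the object to dominate the subject that reads it. Adding categories shows why "clearance dominates the object" is the right phrasing for MAC: level alone is not sufficient once compartments exist.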
Question 620
Which of the following statements pertaining to firewalls is incorrect?
Correct Answer: C
Firewalls can protect a network at multiple layers of the OSI model; however, most firewalls do not have the ability to monitor the payload of the packets and see if an application level attack is taking place. Today there is a new breed of firewall called Unified Threat Managers or UTM. They are a collection of products on a single computer and not necessarily a typical firewall. A UTM can address all of the layers, but typically a firewall cannot. Firewalls are security checkpoints at the boundaries of internal networks through which every packet must pass and be inspected; hence they create bottlenecks between the internal and external networks. But since external connections are relatively slow compared to modern computers, the latency caused by this bottleneck can be almost transparent. By implementing the concept of border security, they centralize security services in machines optimized and dedicated to the task, thus relieving the other hosts on the network from that function. Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 1: Understanding Firewalls.