Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network?
Correct Answer: D
Section: Network and Telecommunications Explanation/Reference: Normal outbound traffic has an internal source IP address and an external destination IP address. Traffic with an internal source IP address should only arrive on an internal interface; such packets arriving on an external interface should be dropped. Packets with the source-routing option enabled usually indicate a network intrusion attempt. Router information exchange protocols such as RIP and OSPF should be dropped to avoid having internal routing equipment reconfigured by external agents. Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 10: The Perfect Firewall.
Question 657
Sensitivity labels are an example of what application control type?
Correct Answer: A
Section: Access Control Explanation/Reference: Sensitivity labels are a preventive security application control, as are firewalls, reference monitors, traffic padding, encryption, data classification, one-time passwords, contingency planning, and separation of development, application and test environments. The incorrect answers are: Detective security controls - intrusion detection systems (IDS), monitoring activities, and audit trails. Compensating administrative controls - there is no such application control. Preventive accuracy controls - data checks, forms, custom screens, validity checks, contingency planning, and backups. Sources: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 7: Applications and Systems Development (page 264). KRUTZ, Ronald & VINES, Russel, The CISSP Prep Guide: Gold Edition, Wiley Publishing Inc., 2003, Chapter 7: Application Controls, Figure 7.1 (page 360).
Question 658
The Computer Security Policy Model the Orange Book is based on is which of the following?
Correct Answer: A
Explanation/Reference: The Computer Security Policy Model the Orange Book is based on is the Bell-LaPadula Model (Orange Book Glossary). The Data Encryption Standard (DES) is a cryptographic algorithm (National Information Security Glossary). TEMPEST is related to limiting the electromagnetic emanations from electronic equipment. Reference: U.S. Department of Defense, Trusted Computer System Evaluation Criteria (Orange Book), DOD 5200.28-STD, December 1985.
Question 659
Which protocol is used to send email?
Correct Answer: D
Section: Network and Telecommunications Explanation/Reference: Simple Mail Transfer Protocol (SMTP) is a protocol for sending e-mail messages between servers. POP is a protocol used to retrieve e-mail from a mail server. NFS is a TCP/IP client/server application developed by Sun that enables different types of file systems to interoperate regardless of operating system or network architecture. FTP is the protocol that is used to facilitate file transfer between two machines. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 88.
Question 660
What is the MOST critical piece to disaster recovery and continuity planning?
Correct Answer: B
Section: Risk, Response and Recovery Explanation/Reference: The keyword is 'MOST CRITICAL' and the correct answer is 'Management Support': management must be convinced of its necessity, which is why a business case must be made. The decision of how a company should recover from any disaster is purely a business decision and should be treated as such. The other answers are incorrect because: Security policy is incorrect as it is not the MOST CRITICAL piece. Availability of backup information processing facilities is incorrect as this comes once the organization has BCP plans in place, and for a BCP plan to exist, management support must be there. Staff training comes after the plans are in place with the support of management. Reference: Shon Harris, AIO v3, Chapter 9: Business Continuity Planning, Page 697.