cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Community Champion

Re: CISSP questions

From an operations security standpoint, which one of the following dial-in access configurations is best?

 

a. Force the port to log out when the modem loses carrier.
b. Disable the port when the modem disconnects.
c. Reset the modem when the phone line disconnects.
d. Force a modem reset when the DTR line transitions.

 

Answer: a

Reference: Fites & Kratz, Information Systems Security: A Practitioner’s Reference; International Thomson Computer Press; 1996; pg 385.

 

Discussion:

a - correct, this is a control measure that will force the user to reauthenticate, and prevent someone from simply taking over a free line they come across
b - wrong, this allows for a good way to do a DOS on the dialup facility
c - wrong, once the phone line is disconnected it can’t be reset, and simply resetting the modem may leave a live session behind it
d - wrong, this is a normal occurrence (DTR - data terminal ready)

 

(Reference: Fites and Kratz, Information Systems Security: A Practitioner’s Reference, International Thomson Computer Press, 1996)


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Community Champion

Re: CISSP questions

Which one of the following would NOT be considered a media control task?

 

a. Decompressing the storage medium.
b. Storing on-site backups in a protected area.
c. Maintaining a control log noting all media entries, removals, and returns.
d. Erasing volumes at the end of their retention period.


Answer: a

 

(Reference: Rita Summer - “Secure Computing: Threats and Safeguards”; McGraw-Hill; 1997; pg 585.

 

Decompression definitely is part of media management, but it isn't a control.


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Community Champion

Re: CISSP questions

In what way can violation clipping levels assist in violation tracking and analysis?

 

a. Clipping levels set a baseline for normal user errors, and violations exceeding that threshold will be recorded for analysis of why the violations occurred.
b. Clipping levels enable a security administrator to customize the audit trail to record only those violations which are deemed to be security relevant.
c. Clipping levels enable the security administrator to customize the audit trail to record only actions for users with access to usercodes with a privileged status.
d. Clipping levels enable a security administrator to view all reductions in security levels which have been made to usercodes which have incurred violations.

 

Answer: a

 

Discussion:
Answer a - correct, the clipping level establishes a normal error rate that can be ignored for violation analysis purposes.


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468