almost 2 years ago

It is convenient for our consumers to check ISC CISSP exam questions free of charge before purchasing the Certified Information Systems Security Professional CISSP practice exam. To make the ISC CISSP exam questions content up-to-date for free of cost up to 365 days after buying them, our certified trainers work strenuously to formulate the exam questions in compliance with the Certified Information Systems Security Professional CISSP Dumps. There are many benefits after you pass the CISSP certification such as you can enter in the big company and double your wage. Our CISSP study materials boost high passing rate and hit rate so that you needn’t worry that you can’t pass the test too much. We provide free tryout before the purchase to let you decide whether it is valuable or not by yourself. To further understand the merits and features of our CISSP Practice Engine you could look at the introduction of our product in detail. >> CISSP Instant Discount <<

Top CISSP Instant Discount | High Pass-Rate ISC CISSP Exam Forum: Certified Information Systems Security Professional

Most of the experts in our company have been studying in the professional field for many years and have accumulated much experience in our CISSP practice questions. Our company is considerably cautious in the selection of talent and always hires employees with store of specialized knowledge and skills. All the members of our experts and working staff maintain a high sense of responsibility, which is why there are so many people choose our CISSP Exam Materials and to be our long-term partner.

ISC Certified Information Systems Security Professional Sample Questions (Q575-Q580):

NEW QUESTION # 575
Rule-Based Access Control (RuBAC) access is determined by rules. Such rules would fit within what category of access control?

• A. Discretionary Access Control (DAC)
• B. Lattice-based Access control
• C. Non-Discretionary Access Control (NDAC)
• D. Mandatory Access control (MAC)

Answer: C Explanation:
Explanation/Reference:
Explanation:
Rule-based access control is considered nondiscretionary because the users cannot make access decisions based upon their own discretion.
Incorrect Answers:
A: Discretionary Access Control (DAC) allows data owners to dictate what subjects have access to the files and resources they own.
B: Mandatory Access control is considered nondiscretionary and is based on a security label system D: Lattice-based Access control is known as a label-based access control, or rule-based access control restriction.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 220-228
https://en.wikipedia.org/wiki/Lattice-basedaccesscontrol
NEW QUESTION # 576
Controlling access to information systems and associated networks is necessary for the preservation of their:

• A. Confidentiality, integrity, and availability.
• B. Integrity and availability.
• C. Authenticity, confidentiality, integrity and availability.
• D. Authenticity, confidentiality and availability

Answer: A Explanation:
Explanation/Reference:
Explanation:
Information security is made up of the following main attributes:
Availability - Prevention of loss of, or loss of access to, data and resources

Integrity - Prevention of unauthorized modification of data and resources

Confidentiality - Prevention of unauthorized disclosure of data and resources

Incorrect Answers:
A: Authenticity is an attribute that stems from the three main attributes.
C: Information security is made up of three main attributes, which includes confidentiality.
D: Authenticity is an attribute that stems from the three main attributes.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 298, 299
NEW QUESTION # 577
The Orange Book describes four hierarchical levels to categorize security systems. Which of the following levels require mandatory protection?

• A. B and C
• B. A and B
• C. B and D
• D. A, B, and C

Answer: B Explanation:
Level B is the first to require Mandatory Protection. Because the higher levels also
inherit the requirements of all lower levels, level A also requires Mandatory Protection.
The following answers are incorrect:
B and C. Is incorrect because Mandatory Protection is not required until level B, Level C is a lower
level.
A, B, and C. Is incorrect because Mandatory Protection is not required until level B, Level C is a
lower level.
B and D. Is incorrect because Mandatory Protection is not required until level B, Level D is a lower
level.
One of the first accpted evaluation standards was the Trusted Computer Security Evaluation
Criteria or TCSEC. The Orange Book was part of this standard that defines four security divisions
consisting of seven different classes for security ratings. The lowest class offering the least
protection is D - Minimal protection. The highest classification would be A1 offering the most
secure environment. As you go to the next division and class you inherit the requirements of the
lower levels. So, for example C2 would also incorporate the requirements for C1 and D.
The divisions and classes are:
D - Minimal protection
C - Discretionary protection
C1 - Discretionary Security Protection
C2 - Controlled Access Protection
B - Mandatory Protection
B1 - Labeled Security
B2 - Structured Protection
B3 - Security Domains
A - Verified Protection
A1 - Verified Design
Wikipedia: "TCSEC was replaced with the development of the Common Criteria international
standard originally published in 2005."
References:
OIG CBK, Security Architecture and Design (pages 329 - 330)
AIO, 3rd Edition, Security Models and Architecture (pages 302 - 306)
AIO, 4th Edition, Security Architecture and Design, pp357-361.
Wikipedia - http://en.wikipedia.org/wiki/TCSEC#DivisionsandClasses
DOD TCSEC - http://www.cerberussystems.com/INFOSEC/stds/d520028.htm
NSI reference for Orange book: http://nsi.org/Library/Compsec/orangebo.txt
NEW QUESTION # 578
An active content module, which attempts to monopolize and exploits system resources is called a

• A. Hostile applet
• B. Macro virus
• C. Cookie
• D. Plug-in worm

Answer: A Explanation:
This applet can execute in the network browser and may contain malicious code. The types of downloadable programs are also known as mobile code. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 361
"ActiveX Controls are Microsoft's answer to Sun's Java applets. They operate in a very similar fashion, but they are implemented using any on of a variety of languages, including Visual Basic, C, C++ and Java. There are two key distinctions between Java applets and ActiveX controls. First, ActiveX controls use proprietary Microsoft technology and, therefore, can only execute on systems running Microsoft operating systems. Second, ActiveX controls are not subject to the sandbox restrictions placed on Java applets. They have full access to the Windows operating environment and can perform a number of privileged actions. Therefore, special precautions must be taken when deciding which ActiveX controls to download and execute. Many security administrators have taken the somewhat harsh position of prohibiting the download of any ActiveX content from all but a select handful of trusted sites." Pg. 214 Tittel: CISSP Study Guide
NEW QUESTION # 579
Which of the following protocols offers native encryption?

• A. IPSEC, SSH, PPTP, SSL, MPLS, L2F, and L2TP
• B. IPSEC, SSH, PPTP, SSL, MPLS, and L2TP
• C. IPSEC, SSH, SSL, TFTP
• D. IPSEC, SSH, SSL, TLS

Answer: D Explanation:
The following answers are incorrect:
IPSEC, SSH, PPTP, SSL, MPLS, and L2TP is incorrect because L2TP and PPTP does
NOT offer encryption.
IPSEC, SSH, SSL, TFTP is incorrect because TFTP does not offers encryption.
IPSEC, SSH, PPTP, SSL, MPLS, L2F, and L2TP is incorrect because MPLS, L2F, and
L2TP do NOT offer encryption.
NOTE:
PPTP did not provide Encryption natively. It is MPPE from Microsoft that would provide encryption.
MPPE is an encryption technology developed by Microsoft to encrypt point-to-point links.
These PPP connections can be over a dialup line or over a VPN tunnel. MPPE works as a subfeature of Microsoft Point-to-Point Compression (MPPC)
MPPC is a scheme used to compress PPP packets between client devices. The MPPC algorithm is designed to optimize bandwidth utilization in order to support multiple simultaneous connections.
MPPE is negotiated using bits in the MPPC option within the Compression Control Protocol
(CCP) MPPC configuration option (CCP configuration option number 18).
MPPE uses the RC4 algorithm with either 40- or 128-bit keys. All keys are derived from the cleartext authentication password of the user. RC4 is stream cipher; therefore, the sizes of the encrypted and decrypted frames are the same size as the original frame. The Cisco implementation of MPPE is fully interoperable with that of Microsoft and uses all available options, including historyless mode. Historyless mode can increase throughput in lossy environments such as VPNs, because neither side needs to send CCP Resets Requests to synchronize encryption contexts when packets are lost.
The following reference(s) were/was used to create this question:
Official (ISC)2 Guide to the CISSP CBK, Third Edition , pages 874 and 355 (IPSEC), 360
(SSH), 359 (PPTP), 362 (SSL), 361 (SOCKS), 360 (L2TP).
and
http://www.cisco.com/en/US/products/ps6587/productswhitepaper09186a008019bf38.sh tml#15190
NEW QUESTION # 580
...... For candidates who are going to select the CISSP training materials for the exam, the pass rate for the CISSP training materials is important. With pass rate reaching 98.65%, the exam dumps have reached great popularity among the candidates, and we have received many good feedbacks from the buyers. In addition, CISSP Exam Materials are edited by professional experts, they possess the professional knowledge for the exam, therefore the quality can be guaranteed. We have free demo for you to have a try for CISSP training materials. You can have a try before buying. CISSP Exam Forum: https://www.prepawaytest.com/ISC/CISSP-practice-exam-dumps.html Even if you have no time to carefully prepare for your CISSP Exam Forum exams, you also can smoothly pass your exam by aid of PrepAwayTest CISSP Exam Forum's exam questions and answers, Now these are not problems if you choose our CISSP practice materials, The advantages of our CISSP cram file are as follows, Especially to help those exam candidates who are baffled with exam right now, CISSP exam prep materials are just what they need. Performance enhancement begins with identifying the bottlenecks of your system the component that functions slowest, We are equipped with excellent materials covering most of knowledge points of CISSP pdf torrent.

Hot CISSP Instant Discount | Reliable CISSP Exam Forum: Certified Information Systems Security Professional 100% Pass

Even if you have no time to carefully prepare for your ISC Certification exams, you also can smoothly pass your exam by aid of PrepAwayTest's exam questions and answers, Now these are not problems if you choose our CISSP practice materials. The advantages of our CISSP cram file are as follows, Especially to help those exam candidates who are baffled with exam right now, CISSP exam prep materials are just what they need. The CISSP online test engine contains self-assessment features like marks, progress charts, etc.