〇：OCSP is a protocol developed specifically to check CRLs during the certificate validation process.

A Certificate Authority (CA) is responsible for creating certificates, maintaining and distributing them, and revoking them when necessary. Revocation is handled by the CA and the revoked certificate information is stored in a Certificate Revocation List (CRL). This is a list of all revoked certificates. This list is maintained and updated periodically. A certificate is revoked if the key owner’s private key has been compromised, if the CA has been compromised, or if the certificate is incorrect. If a certificate is revoked for any reason, the CRL is a mechanism for others to inform you of this information. The Online Certificate Status Protocol (OCSP) uses this CRL; when using CRLs, the user’s browser must examine the CRL value to the client to see if the accreditation has been revoked or the CA is constantly checking to make sure they have an updated CRL. If OCSP is implemented, it will do this automatically in the background. It performs real-time verification of the certificate and reports back to the user whether the certificate is valid, invalid, or unknown.

×：CRL was developed as a more efficient approach to OCSP.

CRLs are often incorrect because they are a cumbersome approach; OCSP is used to deal with this tediousness; OCSP does this work in the background when using CRLs; OCSP checks the CRL to see if the certificate has been revoked by Checks.

×：OCSP is a protocol for submitting revoked certificates to CRLs.

OCSP is incorrect because it does not submit revoked certificates to the CRL; the CA is responsible for certificate creation, distribution, and maintenance.

×：CRL provides real-time validation of certificates and reports to OCSP.

Incorrect because CRL does not provide real-time validation of certificates to OCSP.

〇：The format of the audit log is unknown and is not available to the intruder in the first place.

Audit tools are technical controls that track activity within a network, on a network device, or on a specific computer. Auditing is not activity that denies an entity access to a network or computer, but it tracks activity so that the security administrator can understand the type of access made, identify security violations, or alert the administrator of suspicious activity. This information points out weaknesses in other technical controls and helps the administrator understand where changes need to be made to maintain the required level of security within the environment. Intruders can also use this information to exploit these weaknesses. Therefore, audit logs should be protected by controls on privileges, permissions, and integrity, such as hashing algorithms. However, the format of system logs is generally standardized for all similar systems. Hiding the log format is not a normal measure and is not a reason to protect audit log files.

×：If not properly protected, audit logs may not be admissible during prosecution.

This is incorrect because great care must be taken to protect audit logs in order for them to be admissible in court. Audit trails can be used to provide alerts about suspicious activity that can be investigated later. In addition, it is useful in determining exactly how far away the attack took place and the extent of any damage that may have occurred. It is important to ensure that a proper chain of custody is maintained so that all data collected can be properly and accurately represented in case it needs to be used in later events such as criminal proceedings or investigations.

×：Because audit logs contain sensitive data, only a specific subset of users should have access to them.

This is incorrect because only administrators and security personnel need to be able to view, modify, and delete audit trail information. Others cannot see this data and can rarely change or delete it. The use of digital signatures, message digest tools, and strong access controls can help ensure the integrity of the data. Its confidentiality can be protected with encryption and access control as needed, and it can be stored on write-once media to prevent data loss or tampering. Unauthorized access attempts to audit logs should be captured and reported.

×：Intruders may attempt to scrub logs to hide their activities.

If an intruder breaks into your home, do your best to leave no fingerprints or clues that can be used to link them to criminal activity. The same is true for computer fraud and illegal activity. Attackers often delete audit logs that hold this identifying information. In the text, deleting is described as scrubbing. Deleting this information may alert administrators to an alert or perceived security breach and prevent valuable data from being destroyed. Therefore, audit logs should be protected by strict access controls.

〇：Increasing database security controls and providing more granularity.

The best approach to protecting the database in this situation would be to increase controls and assign detailed permissions. These measures would ensure that users cannot abuse their permissions and that the confidentiality of the information is maintained. The granularity of permissions would give network administrators and security professionals additional control over the resources they are charged with protecting, and the granular level would allow them to give individuals just the exact level of access they need.

×：Implement an access control where each user’s privileges are displayed each time they access the database.

Implementing an access control that displays each user’s permissions is incorrect because they are an example of one control each time they access the database. This is not the overall way of dealing with user access to a database full of information. This may be an example of better database security control, but it needs to be limited to the right places.

×：Change the classification label of the database to a higher security status.

The classification level of the information in the database should previously be determined based on its level of confidentiality, integrity, and availability. This option implies that a higher level of authorization should be given, but there is no indication in the question text that the security level is inappropriate.

×：Reduce security. Allow all users to access information as needed.

The answer to reduce security is incorrect.

〇：Only during code development.

Maintenance hoc refers to functions and tools that are temporarily used by the developer for testing purposes. In fact, in system development, tools are provided to assist in confirming that individual functions are working properly. However, if maintenance hocks are left in the production environment, they may be used by attackers and must be removed.

×：Maintenance hooks should not be used.

The use of maintenance hooks can make the work more efficient.

×：When you want to make the software available to administrators in a simplified manner.

In some cases, attackers can exploit tools that were supposed to be available only to administrators.

×：When you want users to be able to use the software in a simplified manner.

After the actual release of the software, maintenance hooks are not made available to users.

〇：Security Management Committee

Steve serves on the Security Steering Committee, which is responsible for making decisions on tactical and strategic security issues within the company. The committee consists of individuals from across the organization and should meet at least quarterly. In addition to the responsibilities outlined in this question, the Security Steering Committee is responsible for establishing a clearly defined vision statement that supports it in cooperation with the organizational intent of the business. It should provide support for the goals of confidentiality, integrity, and availability as they relate to the business goals of the organization. This vision statement should be supported by a mission statement that provides support and definition to the processes that apply to the organization and enable it to reach its business goals.

Each organization may call it by a different name, or they may be entrusted with a series of definition-to-approval processes for security. In this case, the term “operations” is the closest that comes to mind.

×：Security Policy Committee

This is incorrect because senior management is the committee that develops the security policy. Usually, senior management has this responsibility unless they delegate it to an officer or committee. The security policy determines the role that security plays within the organization. It can be organizational, issue specific, or system specific. The Governing Board does not directly create the policy, but reviews and approves it if acceptable.

×：Audit Committee

Incorrect because it provides independent and open communication between the Board of Directors, management, internal auditors, and external auditors. Its responsibilities include the system of internal controls, the engagement and performance of the independent auditors, and the performance of the internal audit function. The Audit Committee reports its findings to the Governing Board, but does not fail to oversee and approve the security program.

×：Risk Management Committee

Incorrect as it is to understand the risks facing the organization and work with senior management to bring the risks down to acceptable levels. This committee does not oversee the security program. The Security Steering Committee typically reports its findings to the Risk Management Committee on information security. The risk management committee should consider the entire business risk, not just the IT security risk.

〇：Control of the processing and distribution process

An important part of the digital forensic process is to maintain a proper chain of custody of evidence.

The question structure assumes Chain of Custody (Chain of Custody) from “the purpose of securing all evidence and notating it as information to be presented to those who verify it” and selects the one that comes closest to the definition.

×：Reasonable care

Wrong because reasonable care implies performing an activity that a reasonable person would be expected to perform under similar circumstances.

×：Investigation

Incorrect because investigation involves the proper collection of relevant data during the incident response process and includes analysis, interpretation, reaction, and recovery.

×：Motive, Opportunity, Means

Motive, Opportunity, and Means (MOM) is incorrect because it is a strategy used to understand why certain crimes were committed and by whom.

〇：To create an overview of business functions and systems

Outlining business functions and systems is not a reason to create and execute a disaster recovery plan. While these tasks are likely to be accomplished as a result of the disaster recovery plan, they are not a valid reason to implement the plan compared to other answers to the question. Usually occurring during the planning process, simply outlining business functions and systems is not enough to develop and implement a disaster recovery plan.

×：To create post-disaster recovery procedures

It is not correct to develop and implement a disaster recovery plan because providing post-disaster recovery procedures is a good reason to do so. In fact, this is exactly what a disaster recovery plan provides. The goal of disaster recovery is to take the necessary steps to minimize the impact of a disaster and ensure that resources, personnel, and business processes can resume operations in a timely manner. The goal of a disaster recovery plan is to handle the disaster and its consequences in the immediate aftermath.

×：To back up data and create backup operating procedures

Inappropriate, because not only backing up data but also extending backup operations is a good way to develop and implement a disaster recovery plan. When considering a disaster recovery plan, some companies focus primarily on backing up data and providing redundant hardware. While these items are very important, they are only a small part of a company’s overall operations. Hardware and computers need people to configure and operate them, and data is usually not useful unless it can be accessed by other systems or outside entities. All of these may require backups as well as data.

×：To establish emergency response procedures

This is incorrect because there are good reasons to establish and implement a disaster recovery plan, and providing emergency response procedures is a valid reason. Disaster recovery plans are implemented when everything is in emergency mode and everyone is scrambling to get all critical systems back online. Carefully written procedures will make this entire process much more effective.

Translated with www.DeepL.com/Translator (free version)

〇：Extraction of data from the database

In data classification, the data classification is used to specify which users have access to read and write data stored in the database, but it does not involve the extraction of data from the database. Therefore, the correct answer is “extraction of data from the database.

What is this? This is a question that you may think “What is this?” but you need to calmly analyze the classification of data and the manipulation of data. The more time you spend, the more tempted you are to give a difficult answer, but keeping calm is important in solving abstract problems.

×：Grouping hierarchically classified information

This is the primary activity of data classification.

×：Ensuring that non-confidential data is not unnecessarily protected

It is written in a complicated way, but it says that what does not need to be protected does not need the ability to be protected either.

×：Understanding the impact of data leakage

Although not directly, we may check the impact of a data breach in order to understand its importance in classifying data. Ka.

〇：Stateful Inspection

Stateful Inspection detects abnormal communication in which the request and response are linked and only the response is returned from a different server. Therefore, the correct answer is “Stateful Inspection.

×：Application Gateway

Commonly referred to as WAF, this is used when filtering is performed based on strings in telegrams, such as SQL injection.

×：Packet Filtering

Used for filtering by IP address or port.

×：Session Gateway

There is no such firewall category.

〇：AS / NZS 4360

AS / NZS 4360 can be used for security risk analysis, but it was not created for that purpose. It takes a much broader approach to risk management than other risk assessment methods, such as NIST or OCTAVE, which focus on IT threats and information security risks. AS / NZS 4360 can be used to understand a firm’s financial, capital, personnel safety, and business decision-making risks.

×：FAP

Incorrect as there is no formal FAP risk analysis methodology.

×：OCTAVE

Image B is incorrect because it focuses on IT threats and information security risks. OCTAVE is intended for use in situations that manage and direct information security risk assessments within an organization. Employees of an organization are empowered to determine the best way to assess security.

×：NIST SP 800-30

Wrong because it is specific to IT threats and how they relate to information threats. Focus is primarily on systems. Data is collected from network and security practices assessments and from people within the organization. Data is used as input values for the risk analysis steps outlined in the 800-30 document.

〇：OSI reference model

The OSI reference model is a seven-layer classification of network communication. The concepts of application communication and session are separated, which would be clearly communicated based on the OSI reference model. Therefore, the correct answer is “OSI reference model.

×：TCP/IP model

The TCP/IP model is a layer design that is closer to the concept of a system than the OSI reference model; in the TCP/IP model, the application layer, presentation layer, and session layer of the OSI reference model are represented by a single application layer.

×：Data link model

There is no such model.

×：Biba model

Biba model is one of the security models that indicates that data cannot be changed without permission.

〇：TOGAF

The Open Group Architecture Framework (TOGAF) is a vendor-independent platform for the development and implementation of enterprise architecture. It focuses on the effective management of enterprise data using metamodels and service-oriented architectures (SOA). Proficient implementations of TOGAF aim to reduce fragmentation caused by inconsistencies between traditional IT systems and actual business processes. It also coordinates new changes and functionality so that new changes can be easily integrated into the enterprise platform.

×：Department of Defense Architecture Framework (DoDAF)

In accordance with the guidelines for the organization of the enterprise architecture of the U.S. Department of Defense systems, this is incorrect. It is also suitable for large, complex integrated systems in the military, civilian, and public sectors.

×：Capability Maturity Model Integration (CMMI) during software development.

It is inappropriate because it is a framework for the purpose of designing and further improving software. CMMI provides a standard for software development processes that can measure the maturity of the development process.

×：ISO/IEC 42010

Incorrect because it consists of recommended practices to simplify the design and conception of software-intensive system architectures. This standard provides a kind of language (terminology) to describe the different components of software architecture and how to integrate it into the development life cycle.

〇：MTTR

Mean Time to Repair (MTTR) is the average time it takes to repair a device and return it to pre-failure production. Using a redundant array as an example, MTTR is the time it takes to replace the failed drive after the actual failure is noticed and the time the redundant array has completed rewriting the information on the new drive. Therefore, the correct answer is MTTR.

×：SLA

Service Level Agreements (SLA) are agreements on service quality, such as usage volume and failure recovery.

×：Hot Swap

Hot swapping refers to replacing, attaching, or disconnecting parts, cables, etc. while equipment is still in operation.

×：MTBF

Mean Time Between Failures (MTBF) is the average time it takes for a device to fail after repair.

〇：* (star) Integrity Property

The Biba model defines a model with completeness as having two axioms. The * (star) Integrity Property is that the subordinate’s document is to be seen and there is no Read Down. The * (star) Integrity Property is that there is no Write Up, that is, no rewriting of the supervisor’s document. If the Simple Integrity Axiom is not followed, the subordinate’s document will be seen and may absorb unclassified and incorrect information at a lower level. If the * (star) Integrity Property is not followed, a supervisor’s document will be rewritten, which will release incorrect information to the supervisor who sees it. Therefore, both are integrity conditions.

×：Simple Integrity Property

The Simple Integrity Property is a constraint on Read Down.

×：Strong Tranquillity Axiom

The Strong Tranquillity Axiom is the constraint not to change permissions while the system is running.

×：Weak Tranquillity Axiom

Weak Tranquillity Axiom means do not change privileges until the attribute is inconsistent.

〇：The attacker knows nothing about the organization other than the information that is publicly available.

In black box testing (zero-knowledge), the attacker has no knowledge about the organization other than the publicly available information. The focus is on what the external attacker does. Therefore, the correct answer is “knows nothing about the organization other than the information that is publicly available.” The result will be

×：I know everything.

White box testing is testing to verify the operation of a program, which is done after knowing what is in the program.

×：I keep the product manual and retain privileged access.

A gray box test is a test that is performed by a pen tester to some extent, with the attacker having only limited knowledge of the program.

This is a white box test or gray box test.

×：The vendor retains an accessible level of information.

In a black box test, the attacker has no information in principle.

〇：The expiration date should be set short.

Key management is critical for proper protection. Part of key management is to determine the key’s period of validity, which would be determined by the sensitivity of the data being protected. For sensitive data, periodic key changes are required and the key’s expiration date will be shortened. On the other hand, for less secure data, a key with a longer expiration date is not a problem.

×：Keys should be deposited in case of backup or emergency.

This is incorrect because it is true that keys must be deposited in the event of a backup or emergency situation. Keys are at risk of being lost, destroyed or damaged. Backup copies must be available and readily accessible when needed.

×：Keys must not be made public.

Of course. It is a key.

×：Keys should be stored and transmitted by secure means.

Wrong, since it is true that keys should be stored and transmitted by secure means. Keys are stored before and after distribution. If keys are distributed to users, they must be stored in a secure location in the file system and used in a controlled manner.

〇：Database Migration

The movement of accessible data from one repository to another may be required over its lifetime, but is generally not as important as the other phases provided in response to this question.

×：Data specification and classification

This is incorrect because the determination of what the data is and its classification is the first essential phase that can provide the appropriate level of protection.

×：Continuous monitoring and auditing of data access

Incorrect because without continuous monitoring and auditing of access to sensitive data, breaches cannot be identified and security cannot be guaranteed.

×：Data Archiving

Incorrect as even the most sensitive data is subject to retention requirements. This means that it must be archived for an appropriate period of time and with the same level of security as during actual use.

MAC (mandatory access control) is often used when confidentiality is of utmost importance. Access to objects is determined by labels and clearances. It is often used in organizations where confidentiality is very important, such as the military.

〇：Verifying Data Availability

The responsibility for verifying data availability is the sole responsibility that does not belong to the data (information) owner. Rather, it is the responsibility of the data (information) controller. The data controller is also responsible for maintaining and protecting the data in accordance with the data owner’s instructions. This includes performing regular backups of data, restoring data from backup media, maintaining records of activities, and enforcing information security and data protection requirements in company policies, guidelines, and standards. Data owners work at a higher level than data managers. The data owner basically says, “This is the level of integrity, availability, and confidentiality you need to provide. Please do it now”. The data administrator is executing these permissions and following up on the installed controls to ensure they are working properly.

×：Assigning Information Classification

Incorrect as you are asking if Jim is not responsible for the assignment of information classifications because as the data owner, Jim is responsible for the assignment of information classifications.

×：Determining how to protect data

Incorrect because the data owner, such as Jim, is responsible for determining how the information is protected. The data owner has organizational responsibility for data protection and is liable for any negligence with respect to protecting the organization’s information assets. This means that Jim needs to decide how to protect the information and ensure that the data controller (a role usually occupied by IT or security) is implementing these decisions.

×：Determining how long to retain data

This is incorrect because the decision of how long to retain data is the responsibility of the data owner. The data owner is also responsible for determining who can access the information and ensuring that the appropriate access rights are used. He may approve access requests himself or delegate that function to the business unit manager. The business unit manager approves the request based on the user access criteria defined by the data owner.

〇：Parallel testing or full interruption testing

A Business Impact Analysis (BIA) is considered a functional analysis where the team gathers data through interviews and documentation sources. Document business functions, activities, and transactions. Develop a hierarchy of business functions. Finally, a classification scheme is applied that indicates the level of importance of each individual function. Parallel and full interruption tests are not part of the BIA. These tests are performed to ensure the ongoing effectiveness of the business continuity plan to accommodate the constantly changing environment. While full interruption testing involves shutting down the original site and resuming operations and processing at an alternate site, parallel testing is performed to ensure that a particular system will actually function properly at the alternate off-site function.

×：Application of a classification scheme based on criticality levels.

This is incorrect because it is performed during a BIA. This is done by identifying a company’s critical assets and mapping them to characteristics such as maximum allowable downtime, operational disruption and productivity, financial considerations, regulatory liability, and reputation.

×：Gathering information through interviews

This is not correct as it is done during the BIA. The BCP committee does not truly understand all business processes, the steps to be taken, or the resources and supplies those processes require. Therefore, the committee should collect this information from people in the know, which are department heads and specific employees within the organization.

×：Document business functions

This is incorrect because the BCP committee makes this part of the BIA. Business activities and transactions must be documented. This information can come from department managers and specific employees who are interviewed or surveyed. Once the information is documented, the BCP committee can conduct an analysis to determine which processes, equipment, or operational activities are most critical.

〇：Dictionary attack

There is a limit to the complexity that humans can remember. Consciously, we treat words and character strings we already know as passwords. To address such vulnerabilities, the act of cracking passwords by guessing passwords based on existing words or character strings is called a dictionary attack.

×：Typical Sentence attack

There is no such attack named as such yet.

×：Brute force attack

Brute force is an unauthorized login in which the user tries to guess a password at random.

×：Birthday attack

A birthday attack is an efficient method of unauthorized login by taking advantage of encryption collisions heightened by at least one overlapping probability theory.

〇：A review by another coder after the coder has completed coding.

A static code review is a review performed by another engineer to mitigate points that were not apparent to the author. Thus, the correct answer is “Reviewed by another coder after the coder’s coding is complete.” will be.

×：To allow coders to see each other’s coding and work in parallel.

Extreme programming (XP, extreme programming) is a flexible method of developing a program while discussing it in pairs. It is not code review.

×：Ensuring that proper transaction processing is applied before check-in.

This is a statement about database commitment.

×：Ensuring that the appropriate questions and answers exist.

The presence of appropriate question and answer may be part of what is performed during the code review, but it is not a description of the code review itself.

〇：Entity integrity

Entity integrity ensures that a tuple is uniquely identified by its primary key value. A tuple is a row in a two-dimensional database. The primary key is the corresponding column value that makes each row unique. For entity integrity, every tuple must contain one primary key. If a tuple does not have a primary key, the tuple will not be referenced by the database.

×：Concurrent Maintainability

Concurrent integrity is not a formal term in database software and is therefore incorrect. There are three main types of integrity services: semantic, reference, and entity. Concurrency is software that is accessed by multiple users or applications simultaneously. Without controls in place, two users can access and modify the same data at the same time.

×：Referential Integrity

Referential integrity is incorrect because it references all foreign keys that refer to an existing primary key. There must be a mechanism to ensure that foreign keys do not contain references to non-existent records or null-valued primary keys. This type of integrity control allows relationships between different tables to work properly and communicate properly with each other.

×：Semantic Integrity

The semantic integrity mechanism is incorrect because it ensures that the structural and semantic rules of the database are in place. These rules concern data types, boolean values, uniqueness constraints, and operations that may adversely affect the structure of the database.

〇：Conforms to the X.509 standard and assigns a namespace to each object accessed in the database by LDAP.

Most companies have directories that contain information about company network resources and users. Most directories use a hierarchical database format based on the X.500 standard (not X.509) and a type of protocol such as LDAP (Lightweight Directory Access Protocol) that allows subjects and applications to interact with the directory The application can then use LDAP to access the directory. Applications can request information about a particular user by making an LDAP request to the directory, and users can request information about a particular resource using a similar request. The directory service assigns an Distinguished Name (DN) to each object in the database based on the X.500 standard to be accessed. Each distinguished name represents a set of attributes about a particular object and is stored as an entry in the directory.

×：Namespaces are used to manage objects in the directory.

This is incorrect because objects in a hierarchical database are managed by a directory service. Directory services allow administrators to configure and manage identification, authentication, permissions, and access control for the network. Objects in the directory are labeled and identified by namespace, which is how the directory service keeps objects organized.

×：Enforce security policies by performing access control and identity management functions.

This is incorrect because directory services enforce the security policy set by performing access control and identity management functions. For example, when a user logs into a domain controller in a Windows environment, the directory service (Active Directory) determines which network resources are accessible and which are not.

×：Administrators can configure and manage how identification takes place within the network.

Directory service is incorrect because it allows the administrator to configure and manage identification within the network. It also allows for the configuration and management of authentication, authorization, and access control.

〇：Used in structured languages, it decreases development time but is somewhat resource intensive.

Third generation programming languages are easier to deal with than their predecessors. They reduce program development time and allow for simplified and quick debugging. However, these languages are more resource intensive when compared to second generation programming languages.

×：Intuitive manipulation of programming reduces effort, but the amount of manual coding for specific tasks tends to be greater than in previous generations.

The advantages and disadvantages of 4th generation programming are explained below. It is true that the use of heuristics in fourth generation programming languages has greatly reduced programming effort and errors in the code. However, there is something untrue about the fact that the amount of manual coding is more than required of 3rd generation languages.

×：The use of binaries for coding is very time consuming, but the potential for errors is reduced.

This is incorrect because it is a description of a machine language and implies the advantages and disadvantages of a first generation programming language.

×：It contributes to decreasing programming processing time, but knowledge of machine structures is essential.

Incorrect because it describes second generation programming languages. These languages require extensive knowledge of machine architecture and the programs written in them are only for specific hardware.

〇：VLAN

Virtual LANs (VLANs) allow logical isolation and grouping of computers based on resource requirements, security, or business needs, despite the standard physical location of the system. Computers in the same department configured on the same VLAN network can all receive the same broadcast messages, allowing all users to access the same types of resources regardless of their physical location.

×：Open Network Architecture  

Open network architecture is wrong because it describes the technology that can configure a network; the OSI model provides a framework for developing products that operate within an open network architecture.

×：Intranet

Incorrect because an intranet is a private network used by a company when it wants to use Internet and Web-based technologies in its internal network.

×：VAN  

Incorrect because a Value Added Network (VAN) is an electronic data interchange (EDI) infrastructure developed and maintained by a service bureau.

〇：Service Strategy

The basic approach of ITIL is to create a service strategy that focuses on the overall planning of the intended IT services. Once the initial planning is complete, it provides guidelines for the design of validated IT services and overall implementation policies. The service transition phase is then initiated, providing guidelines for the assessment, testing, and validation of the IT services. This enables the transition from the business environment to the technical service. Service Operations ensures that all determined services have achieved their objectives. Finally, Continuous Service Improvement points out areas for improvement throughout the service lifecycle. Service strategy is considered the core of ITIL. It consists of a set of guidelines that include best practices for planning, design, and alignment of IT and business approaches, market analysis, service assets, setting goals to provide quality service to customers, and the strategy and value of implementing the service strategy.

×：Service Operations

Service operations is a critical component of the lifecycle when services are actually delivered, and something like ITIL that provides guidance is not at the core of actual operations. Lifecycle operations define a set of guidelines that ensure that an agreed level of service is delivered to the customer. The different genres incorporated by service operations include event management, problem management, access management, incident management, application management, technology management, and operations management. Service Operations balances between conflicting goals such as technology and business requirements, stability and responsiveness, cost and quality of service, and competing proactive activities.

×：Service Design

Inadequate because it involves a set of best practices for the design of IT services, including processes, architecture, policies, and documentation to meet current and future business requirements. The goal of service design is to design services according to agreed business objectives. Design processes that can support lifecycle and risk identification and management. Involves improving IT service quality as a whole.

×：Service Migration

Service Migration is incorrect because it focuses on delivering the services proposed by the business strategy for operational use. It also includes guidelines to enable a smooth transition of the business model to technical services. If service requirements change after design, Service Migration ensures that those requirements are delivered in accordance with the changed design. Areas of focus for these guidelines include the responsibilities of personnel involved in the migration transition plan and support, change management, knowledge management, release and deployment management, service verification and testing, and evaluation.

〇：Provisioning accounts, modifying accounts, auditing account usage, and deactivating accounts.

All phases of the authenticated access lifecycle should be considered. Access should not be granted without proper instructions, nor should access be granted or denied without expected authorization. Suspension of access must also be auditable.

×：Provisioning or adding accounts, changing accounts, and suspending accounts.

Incorrect because it does not include auditing of account usage.

×：Adding an account, deleting an account, or deleting a user’s data.

Incorrect because deletion of user data may conflict with data retention requirements.

×：Verifying account passwords, checking account usage, and deleting accounts.

Incorrect because it is merely an authentication step and not related to account management.

〇：Zachman Framework

The Zachman Framework is an enterprise architecture that determines the what, how, where, who, when, and why for each mandate. Enterprise architecture is to create a management structure to achieve business goals. We create an organization to achieve business goals, and basically, the larger the business goals, the larger the organization. If the structure of the organization is not in place, the organization will not run efficiently, as there may be residual work that needs to be done, or there may be friction between jobs due to authority that is covered by others. Therefore, it is necessary to clarify the scope of each job authority in order to put the organization in order. The job authority here is different from the perspectives of human resources or sales. It is easier to think of them as hierarchically separated to achieve business goals. Clarify the scope in Executive, Business Management, Architecture, Engineers, Subcontractors, and Stakeholders, respectively. Therefore, the correct answer is the Zachman Framework.

×：SABSA

SABSA (Sherwood Applied Business Security Architecture) is a framework to ensure that security measures are working properly in achieving business goals. Unlike the Zachman Framework, the tasks to be organized are hierarchical elements. Business Requirements > Conceptual Architecture > Logical Service Architecture > Physical Infrastructure Architecture > Technology and Products, each with a 5W1H practice.

×：Five-W method

There is no such term. If there is, it is a term coined to make it easier to interpret.

×：Biba Model

The Biba model is a security model that indicates that data cannot be changed without permission.

〇：Run an algorithm that identifies unused committed memory and informs the operating system that memory is available.

This answer describes the function of the garbage collector, not the memory manager. The garbage collector is a countermeasure against memory leaks. It is software that runs an algorithm to identify unused committed memory and tells the operating system to mark that memory as “available. Different types of garbage collectors work with different operating systems, programming languages, and algorithms.

In some cases, a four-choice question can be answered without knowing the exact answer; since there is only one correct answer in a four-choice question, the answers can be grouped together to reduce it to “since they are saying the same thing, it is not right that only one of them is correct, therefore they are both wrong.

There are two answers to the effect of controlling the process to handle memory appropriately, but if the memory manager does not have that functionality, both would be correct, and therefore can be eliminated from the choices in the first place.

×：If processes need to use the same shared memory segment, use complex controls to guarantee integrity and confidentiality.

If processes need to use the same shared memory segment, the memory manager uses complex controls to ensure integrity and confidentiality. This is important to protect memory and the data in it, since two or more processes can share access to the same segment with potentially different access rights. The memory manager also allows many users with different levels of access rights to interact with the same application running on a single memory segment.

×：Restrict processes to interact only with the memory segments allocated to them.

The memory manager is responsible for limiting the interaction of processes to only those memory segments allocated to them. This responsibility falls under the protection category and helps prevent processes from accessing segments to which they are not allowed. Another protection responsibility of the memory manager is to provide access control to memory segments.

×：Swap contents from RAM to hard drive as needed.

This is incorrect because swapping contents from RAM to hard drive as needed is the role of memory managers in the relocation category. When RAM and secondary storage are combined, they become virtual memory. The system uses the hard drive space to extend the RAM memory space. Another relocation responsibility is to provide pointers for applications when instructions and memory segments are moved to another location in main memory.

The Health Insurance Interoperability and Accountability Act (HIPAA) has three rules: the Privacy Rule, the Security Rule, and the Breach Notification Rule. The rules mandate administrative, physical, and technical safeguards.

IEEE 802.11 is one of the wireless LAN standards established by IEEE.

〇：IGRP

The Internal Gateway Routing Protocol (IGRP) is a distance vector routing protocol developed by and proprietary to Cisco Systems, Inc. Whereas the Routing Information Protocol (RIP) uses one criterion to find the optimal path between source and destination, IGRP uses five criteria to make an “optimal route” determination. The network administrator can set weights on these different metrics so that the protocol works optimally in its particular environment.

×：RIP  

Routing Information Protocol (RIP) is incorrect because it is not proprietary; RIP allows routers to exchange routing table data and calculate the shortest distance between source and destination. It is considered a legacy protocol due to poor performance and lack of features. It should be used in smaller networks.

×：BGP

Border Gateway Protocol (BGP) is incorrect because it is an Exterior Gateway Protocol (EGP); BGP allows routers in different ASes to share routing information to ensure effective and efficient routing between different networks. BGP is used by Internet Service Providers.

×：OSPF  

OSPF is incorrect because it is not proprietary; it uses a link-state algorithm to transmit information in the OSPF routing table. Smaller and more frequent routing table updates.

Computer worms are standalone malware computer programs that replicate themselves and spread to other computers. They typically operate at OSI reference layers 5-7.

〇：Conduct a risk analysis.

The first step in the procedure described, which is the first step to be taken only to deploy an effective physical security program, is to conduct a risk analysis to identify vulnerabilities and threats and to calculate the business impact of each threat. The team presents the results of the risk analysis to management to define an acceptable risk level for the physical security program. From there, the team evaluates and determines if the baseline is met by implementation. Once the team identifies its responses and implements the measures, performance is continually evaluated. These performances will be compared to the established baselines. If the baseline is maintained on an ongoing basis, the security program is successful because it does not exceed the company’s acceptable risk level.

×：Create a performance metric for the countermeasure.  

The procedure to create a countermeasure performance metric is incorrect because it is not the first step in creating a physical security program. If monitored on a performance basis, it can be used to determine how beneficial and effective the program is. It allows management to make business decisions when investing in physical security protection for the organization. The goal is to improve the performance of the physical security program, leading to a cost-effective way to reduce the company’s risk. You should establish a performance baseline and then continually evaluate performance to ensure that the firm’s protection goals are being met. Examples of possible performance metrics include: number of successful attacks, number of successful attacks, and time taken for attacks.

×：Design program.  

Designing the program is wrong because it should be done after the risk analysis. Once the level of risk is understood, then the design phase can be done to protect against the threats identified in the risk analysis. The design of deterrents, delays, detections, assessments, and responses will incorporate the necessary controls for each category of the program.

×：Implement countermeasures.  

Wrong because implementing countermeasures is one of the last steps in the process of deploying a physical security program.

〇：CA signs certificates.

A Certificate Authority (CA) is a trusted agency (or server) that maintains digital certificates. When a certificate is requested, the Registration Authority (RA) verifies the identity of the individual and passes the certificate request to the CA The CA creates the certificate, signs it, and maintains the certificate over its lifetime.

×：RA creates the certificate and CA signs it.

Incorrect because the RA does not create the certificate; the CA creates it and signs it; the RA performs authentication and registration tasks; establishes the RA, verifies the identity of the individual requesting the certificate, initiates the authentication process to the CA on behalf of the end user, and performs certificate life cycle RAs cannot issue certificates, but can act as a broker between the user and the CA When a user needs a new certificate, they make a request to the RA and the RA goes to the CA to verify all necessary identification before granting the request The RA verifies all necessary identification information before granting the request.

×：RA signs certificates.

The RA signs the certificate, which is incorrect because the RA does not sign the certificate; the CA signs the certificate; the RA verifies the user’s identifying information and then sends the certificate request to the CA.

×：The user signs the certificate.

Incorrect because the user has not signed the certificate; in a PKI environment, the user’s certificate is created and signed by the CA. The CA is a trusted third party that generates the user certificate holding its public key.

〇：Security

Voice over Internet Protocol (VoIP) refers to a transmission technology that delivers voice communications over an IP network; IP telephony uses technology that is similar to TCP/IP and therefore similar in its vulnerabilities. Voice systems are vulnerable to application manipulation and unauthorized administrative access. It is also vulnerable to denial of service attacks against gateway and network resources. Eavesdropping is also a concern since data traffic is transmitted in clear text unless encrypted.

The term security is a difficult answer to choose from because it has a very broad meaning. However, information security scriptures such as CISSP are persistent in saying that VoIP has vulnerabilities. Although this answer is a bit over the top in practical terms, it was made to educate the public, because depending on the creator’s intentions, this issue may arise.

×：Cost

Wrong, because cost is an advantage of VoIP; with VoIP’s, a company becomes a dedicated alternative to a separate network dedicated to data transmission and voice transmission. For telephony features such as conference calling, call forwarding, and automatic redialing are freed up in VoIP, which is open source, while companies that use traditional communications charge for VoIP.

×：Convergence

Wrong because convergence is the advantage of VoIP. Convergence means the integration of traditional IP networks with traditional analog telephone networks.

×：Flexibility

Wrong, because flexibility is an advantage of VoIP. The technology is very simple, easy and supports multiple calls over a single Internet broadband connection.

Unfortunately, security components usually affect system performance but go unnoticed by the user. If system performance is significantly slower, security controls may be enforced. The reason controls must be transparent is so that users and intruders do not know enough to disable or bypass them.

While it is important to understand the term “transparent” in the realm of security, there is another way to answer the question in terms of solving it. If there is only one answer to a four-answer question, then answers that mean the same thing cannot be correct. Therefore, by grouping, the only answer that is correct is the one that does not belong to a group.

And the key point in this question is whether the user knows. The other choices indicate that the situation is communicated on the server side as an outsider, whether a legitimate user or an attacker, whereas only one is acknowledged on the server administrator’s side.

〇：Password synchronization between different systems

Password synchronization is designed to reduce the complexity of maintaining different passwords for different systems. Password synchronization technology allows a single password to be maintained across multiple systems by transparently synchronizing passwords to other systems in real time. This reduces help desk call volume. However, one of the disadvantages of this approach is that only one password is used to access different resources. This means that a hacker only needs to figure out one set of credentials to gain unauthorized access to all resources. Therefore, the correct answer is “password synchronization between different systems”.

×：Password reset by administrator query

This does not reduce the amount of help desk support because the end user must contact the administrator.

×：End-user manual password reset by self-service

This is the so-called “self-service” password reset, in which end users change their passwords themselves from their profile pages.

This is the most practical way to reduce the amount of helpdesk support, but it does not meet the requirement of easy access to multiple resources in case of a password compromise.

×：Password reset by inquiry

This does not reduce the amount of helpdesk support because it requires the end user to contact the administrator. An inquiry is an inquiry whether or not an administrator is attached.

〇：Content Delivery Network (CDN)

Content delivery networks (CDNs) are designed to optimize the delivery of content to clients based on their global topology. In such a design, multiple web servers hosted at many points of existence on the Internet are globally synchronized and contain the same content, and the client is usually directed to the nearest source via DNS record manipulation based on geolocation algorithms for can be directed to.

×：Distributed Name Service (DNS)

Wrong, as there is no protocol called Distributed Name Service; DNS refers to the Domain Name Service protocol.

×：Distributed Web Service (DWS)

Distributed Web Services is also wrong because it is an incorrect answer. The concept of a distributed Web services discovery architecture is not a formal protocol, although it has been discussed by the IEEE and others.

×：Content Domain Distribution (CDD)

The term Content Domain Distribution (CDD) does not appear in CISSP’s CBK terminology.

Circuit switching is a dedicated communication channel through a network. The circuit guarantees full bandwidth. The circuit functions as if the nodes were physically connected by cables.

Injection attacks are cracking attacks in which special strings are embedded in user forms and submitted to malfunction the receiving user’s information processing. Sufficiently strong input validation and data type restrictions on input fields, input length limits, and modifications are to do it. Only allow users to enter appropriate data into fields. Limit the number of characters a user can use, and possibly restrict by character type, allowing only letters in names, numbers in phone numbers, and displaying country and state drop-downs.

〇：Capability Maturity Model Integration

Capability Maturity Model Integration (CMMI) is a comprehensive set of integration guidelines for developing products and software. It addresses the various phases of the software development life cycle, including concept definition, requirements analysis, design, development, integration, installation, operation, maintenance, and what should happen at each stage. The model describes the procedures, principles, and practices underlying the maturation of the software development process. It was developed to help software vendors improve their development processes. It will improve software quality, shorten the development life cycle, create and meet milestones in a timely manner, and adopt a proactive approach rather than a reactive approach that is less effective.

×：Software Development Life Cycle

Incorrect because the Software Development Life Cycle (SDLC) describes how a system should be developed and maintained throughout its life cycle and does not involve process improvement.

×：ISO/IEC 27002

Incorrect because ISO/IEC 27002 is an international standard that outlines how the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) create and maintain an organizational information security management system (ISMS). ISO/IEC 27002 has a section dealing with the acquisition, development, and maintenance of information systems, but does not provide a process improvement model for software development.

×：Certification and Accreditation Process

This is incorrect because the certification and accreditation (C&A) process handles testing and evaluation of systems against predefined criteria. This has nothing to do with improving the software development process.

〇：Subject

The functionality table identifies the access rights that a particular subject owns with respect to a particular object. Each subject is mapped for a function (capability) such as read or write perform. Therefore, the subject is the one that seems to fit in the choices.

×：Objects

Incorrect because the Object is bound to an Access Control List (ACL), not a functional component.

×：Product

Product is incorrect because it is just an example to implement a subject, object, or feature table.

×：Application

Application is incorrect because it is just a concrete example of an object.

〇：Business Continuity Processes Integrate Change Management Processes

Unfortunately, business continuity plans can quickly become outdated. An outdated BCP can give a company a false sense of security, which can be fatal if a disaster actually occurs. One of the simplest, most cost-effective, and process-efficient ways to keep your plan current is to incorporate it into your organization’s change management process. Are new applications, equipment, and services documented? Are updates and patches documented? The change management process should be updated to incorporate fields and triggers that alert the BCP team when significant changes occur and provide a means to update recovery documentation. Ensure that the BCP is kept up-to-date, and other measures include maintaining personnel evaluations of the plan and conducting regular training on using the plan, such as making business continuity part of all business decisions.

×：Update hardware, software, and application changes

Wrong because hardware, software, and application changes occur frequently; unless the BCP is part of a change management process, these changes are not included in the BCP. The BCP should be updated when changes to the environment occur. If it is not updated after a change, it is out of date.

×：Infrastructure and Environment Change Updates

Incorrect because infrastructure and environment changes occur frequently. Unless the BCP is part of a change management process, as with software, hardware, and application changes, infrastructure and environment changes are unlikely to result in a transition to the BCP.

×：Personnel changes

Incorrect, as the plan may become obsolete. It is not uncommon for BCPs to be abandoned when the person or persons responsible for maintenance leave the company. These responsibilities must be reassigned. To ensure this, maintenance responsibilities must be built into job descriptions and properly monitored.

〇：Time-Based Synchronous Dynamic Token

A synchronous token device synchronizes with the authentication service using time or a counter as a core part of the authentication process. When synchronization is time-based, the token device and authentication service must maintain the same time within their internal clocks. The time values of the token device and private key are used to generate a one-time password that is displayed to the user. The user then passes this value and user ID to the server running the authentication service and enters this value and user ID into the computer. The authentication service decrypts this value and compares it to the expected value. If both match, the user is authenticated and allowed to use the computer and resources.

×：Counter-Based Synchronous Dynamic Token

If the token device and authentication service use counter synchronization, it is incorrect because it is not based on time. When using a counter-synchronized token device, the user must initiate the creation of a one-time password by pressing a button on the token device. This causes the token device and authentication service to proceed to the next authentication value. This value, the base secret, is hashed and displayed to the user. The user enters this resulting value along with the user ID to be authenticated. For either time or counter-based synchronization, the token device and authentication service must share the same secret base key used for encryption and decryption.

×：Asynchronous Tokens

Asynchronous token generation methods are incorrect because they use a challenge/response method for the token device to authenticate the user. Instead of using synchronization, this technique does not use separate steps in the authentication process.

×：Mandatory Tokens

Wrong because there is no such thing as a mandatory token. This is an incorrect answer.

〇：Known Plaintext Attacks

A known-plaintext attack is a situation in which a decryptor can obtain plaintext indiscriminately. A ciphertext-alone attack is a situation where a decryptor can acquire ciphertext indiscriminately. A known-plaintext attack acquires the plaintext but does not know what ciphertext it is paired with, meaning that decryption is attempted with only two random ciphertexts. In this situation, it is difficult to decrypt. Therefore, the correct answer is “known-plaintext attack.

×：Selective Plaintext Attack

A choice-plaintext attack is a situation in which the decryptor can freely choose the plaintext to acquire and obtain the ciphertext.

×：Adaptive Choice Plaintext Attack

An adaptive choice-plaintext attack is a situation in which the decryptor can freely choose which plaintext to acquire and acquire the ciphertext, and can repeat the acquisition again after seeing the result.

×：None of the above

It is rare for the answer to be “none of the above” when the choice is “most of the above.

〇：Increased Processing Power

The increased processing power of personal computers and servers has increased the probability of successful brute force and cracking attacks against security mechanisms that were not feasible a few years ago. Today’s processors can execute an incredible number of instructions per second. These instructions can be used to break passwords, encryption keys, or direct malicious packets to be sent to the victim’s system.

×：Increased circuitry, cache memory, and multiprogramming

This is incorrect because an increase does not make a particular type of attack more powerful. Multiprogramming means loading multiple programs or processes into memory at the same time. It allows antivirus software, word processors, firewalls, and e-mail clients to run simultaneously. Cache memory is a type of memory used for fast write and read operations. If the system expects that the program logic will need to access certain information many times during processing, the information is stored in cache memory for easy and quick access.

×：Dual-mode computation

The answer is not specific and does not measure conformance to the problem. When examining microprocessor advances, there is no actual dual-mode calculation.

×：Direct Memory Access I/O

Incorrect because this method transfers instructions and data between I/O (input/output) devices and the system’s memory without using the CPU. Direct Memory Access I/O significantly increases data transfer speed.

P.A.S.T.A. is a seven-step process to find ways to protect the value of your assets while analyzing your compliance and business. P.A.S.T.A. provides a roadmap. Threat management processes and policies can be discovered. The main focus is on finding threats, which is where risk-centric thinking and simulation come into play.

〇：ACL

Access Control List (ACL) A map value from the Access Control Matrix to an object; ACLs are used in several operating system, application, and router configurations. They are lists of items that are authorized to access a particular object and they define the level of authorization to be granted. Authorization can be specified to an individual or to a group. Therefore, ACLs are bound to an object and indicate which subjects can access it, and feature tables are bound to a subject and indicate which objects the subject can access.

×：Function table

The function table is a row in the access control matrix.

×：Constraint Interface

Constraint interfaces are wrong because they limit the user’s access ability by not allowing them to request certain functions or information or have access to certain system resources.

×：Role-based values

The role-based access control (RBAC) model, called non-discretionary access control, is wrong because it uses a centralized set of controls to determine how subjects and objects interact.

〇：Tell your business partner that your company is not ready

Planned business continuity procedures can provide an organization with many benefits. In addition to the other response options listed previously, organizations can provide a quick and appropriate response to an emergency, mitigate the impact on their business, and work with outside vendors during the recovery period. Efforts in these areas should communicate to business partners that they are prepared in the event of a disaster.

×：Resuming Critical Business Functions

This is incorrect because a business continuity plan allows an organization to resume critical business functions. As part of the BCP development, the BCP team conducts a business impact analysis that includes identifying the maximum allowable downtime for critical resources. This effort helps the team prioritize recovery efforts so that the most critical resources can be recovered first.

×：Protecting Lives and Ensuring Safety

Business continuity planning allows organizations to protect lives and ensure safety, which is wrong. People are a company’s most valuable asset. Therefore, human resources are an integral part of the recovery and continuity process and must be fully considered and integrated into the plan. Once this is done, a business continuity plan will help a company protect its employees.

×：Ensure business viability

This is a fallacy because a well-planned business continuity plan can help a company ensure the viability of its business. A business continuity plan provides methods and procedures for dealing with long-term outages and disasters. It involves moving critical systems to another environment while the original facility is being restored and conducting business operations in a different mode until normal operations return. In essence, business continuity planning addresses how business is conducted after an emergency.

〇：Review the schedule.

Unit testing is testing to confirm that the developed module works as a stand-alone unit. Acceptance testing is testing to make sure that the customer who ordered the development actually uses it and is satisfied with it. Acceptance testing cannot take the place of unit testing. It is not upward compatible as a test, and the perspectives are different. Therefore, the correct answer is “Review the schedule.” The correct answer is “Review the schedule.

×：Unit testing is not performed for the sake of work efficiency.

It does not mean that unit tests are not performed.

×：Increase the number of items in the acceptance test for the unit test that could not be done.

The items that should have been done in the actual unit test are simply accounted for as acceptance tests, and the unit test is not considered to have been completed. This is an action that is close to concealment.

×：Report to your supervisor.

You are in charge of project management.

〇：A Comprehensive Executive Summary

No matter how technically comprehensive a report to management may be, it is not always desirable to be too informative; IT security professionals must understand that the risk to the enterprise from a data breach is only one of many concerns that senior management must understand and prioritize. C-level executives must be attentive to many risks and may have difficulty properly categorizing the often unfamiliar, highly technical threats. In short, the IT security professional’s primary job is to summarize the risks in as short a time as possible in a way that suits the management.

×：List of Threats, Vulnerabilities, and Likelihood of Occurrence

This is incorrect because it is not the most important element to report to management. Such a list is essential to a comprehensive security report, but providing it to senior management is unlikely to result in effective action without a skillful executive summary.

×：A comprehensive list of the probability and impact of expected adverse events

This is incorrect because it is not the most important element of the report to management. Such lists are important in technical reports, but summaries are critical to achieving risk mitigation goals.

×：A comprehensive list of threats, vulnerabilities, and likelihood of occurrence, a comprehensive list of the probability and impact of expected adverse events, and a written summary thereof to meet technical comprehensiveness

incorrect because it describes the most common and significant obstacles to reporting to management.

Each IPSec VPN device will have at least one security association (SA) for each secure connection it uses; the SA, which is critical to the IPSec architecture, is the device’s need to support IPSec connections over VPN connections This is a record of the configuration that needs to be in place.

〇：Statistically predictable

The two main types of symmetric algorithms are block ciphers and stream ciphers. Block ciphers perform a mathematical function on a block of bits at a time. Stream ciphers do not divide the message into blocks. Instead, a stream cipher treats the message as a stream of bits and performs the mathematical function on each bit individually. If it were statistically predictable, it would not be a practical encryption technique in the first place.

×：Statistically Fair Keystreams

Statistically fair keystreams are an element of good stream ciphers. Therefore, it is incorrect. Another way to say a statistically unbiased keystream is that it is a highly random keystream that is difficult to predict.

×：The repetitive pattern of bit strings treated in a keystream is long.

Another way to say the randomness of a keystream is that it is highly random, with long repetitions = rarely repeated = highly random.

×：The keystream is irrelevant to the key.

A keystream that is not related to a key is an element of a good stream cipher. Therefore, it is incorrect. This is important because the key provides the randomness of the encryption process.

〇：DNS Hijacking

The DNS plays a great role in the transmission of traffic on the Internet; it directs traffic to the appropriate IP address corresponding to a given domain name DNS queries can be classified as either recursive or iterative. In a recursive query, the DNS server forwards the query to another server, which returns the appropriate response to the inquirer. In an iterative query, the DNS server responds with the address of another DNS server that may be able to answer the question and then proceeds to further ask for a new DNS server. Attackers use recursive queries to pollute the caches of DNS servers.

The attacker sends a recursive query to the victim’s DNS server asking for the IP address of the domain; the DNS server forwards the query to another DNS server. Before the other DNS server responds, the attacker inserts his IP address. The victim server receives the IP address and stores it in its cache for a specific period of time. The next time the system queries the server for resolution, the server directs the user to the attacker’s IP address.

×：Manipulating the hosts file

Manipulating the hosts file is wrong because it does not use recursive queries to pollute the DNS server cache. The client queries the hosts file before issuing a request to the first DNS server. Some viruses add the antivirus vendor’s invalid IP address to the hosts file to prevent the virus definition file from being downloaded and to prevent detection.

×：Social engineering

Social engineering is wrong because it does not require querying DNS servers. Social engineering refers to manipulation by an individual for the purpose of gaining unauthorized access or information.

×：Domain Litigation

Domain litigation is wrong because it does not involve poisoning the DNS server cache. Domain names are at trademark risk, including temporary unavailability or permanent loss of established domain names.

Clustering is designed for fault tolerance. It is often combined with load balancing, but they are essentially separate. Clustering can make an operation active/active. On top of that, the load balancing feature handles traffic from multiple servers. Active/passive, on the other hand, has a designated primary active server and a secondary passive server, with the passive sending keep-alives or heartbeats every few seconds.

Matrix is not a network topology. Ring, mesh, and star are network topologies.

〇：A virtual firewall in bridge mode allows the firewall to monitor individual traffic links, while a firewall integrated into the hypervisor can monitor all activity taking place within the host system.

Virtual firewalls can be bridge-mode products that monitor individual communication links between virtual machines. They can also be integrated within a hypervisor in a virtual environment. The hypervisor is the software component that manages the virtual machines and monitors the execution of guest system software. When a firewall is embedded within the hypervisor, it can monitor all activities that occur within the host system.

×：A virtual firewall in bridge mode allows the firewall to monitor individual network links, while a firewall integrated into the hypervisor can monitor all activities taking place within the guest system.

A virtual firewall in bridge mode is incorrect because the firewall can monitor individual traffic links between hosts and not network links. Hypervisor integration allows the firewall to monitor all activities taking place within the guest system rather than the host system.

×：A virtual firewall in bridge mode allows the firewall to monitor individual traffic links, while a firewall integrated into the hypervisor can monitor all activities taking place within the guest system.

A virtual firewall in bridge mode is wrong because the firewall can monitor individual traffic links, and the hypervisor integration allows the firewall to monitor all activity taking place within the host system, but not the guest system. The hypervisor is the software component that manages the virtual machines and monitors the execution of the guest system software. A firewall, when embedded within the hypervisor, can monitor all activities taking place within the system.

×：A virtual firewall in bridge mode allows the firewall to monitor individual guest systems, while a firewall integrated into the hypervisor can monitor all activities taking place within the network system.

A virtual firewall in bridge mode allows the firewall to monitor individual traffic between guest systems, and a hypervisor integrated allows the firewall to monitor all activity taking place within the host system, not the network system, so Wrong.

〇：Yes. The same goal should be held because there is security in achieving corporate goals.

There are KPIs and other marketin indicators to achieve organizational goals. Developing a security function in the organization also exists to achieve these goals.

×：Yes. Marketing in the security industry is allowed to be risk-off.

By “marketing in the security industry,” I do not mean aligning the security function within the organization.

×：No. The division of labor should be strictly enforced and left to specialists.

While the division of labor in an organization is certainly important, all members of the organization need to be security conscious.

×：No. Security has nothing to do with confidential information that would be an executive decision.

Security should be addressed by the entire organization. It is not irrelevant.

〇：Well-Formed Transaction

In the Clark-Wilson model, subjects cannot access objects without going through some type of application or program that controls how this access is done. The subject (usually the user) can access the required object based on access rules within the application software, defined as “Well-Formed Transaction,” in conjunction with the application.

×：Childwall model

This is incorrect because it is another name for the Brewer Nash model created to provide access control that can be dynamically modified according to the user’s previous behavior. It is shaped by access attempts and conflicts of interest and does not allow information to flow between subjects and objects. In this model, a subject can only write to an object if the subject cannot read another object in a different data set.

×：Access tuples

The Clark-Wilson model is incorrect because it uses access triples instead of access tuples. The access triple is the subject program object. This ensures that the subject can only access the object through the authorized program.

×：Write Up and Write Down

The Clark-Wilson model is incorrect because there is no Write Up and Write Down. These rules relate to the Bell-LaPadula and Biba models. The Bell-LaPadula model contains a simple security rule that has not been read and a star property rule that has not been written down. The Biba model contains an unread simple completeness axiom and an unwritten star completeness axiom.

〇：The most common method used is to change the most significant bit.

Steganography is a method of hiding data in other media types. One of the most common ways to embed messages in some types of media is using the least significant bit (LSB). This is because many types of files are modified and this is where sensitive data can be made visible and hidden without modifying the file. the LSB approach has been successful in hiding information within the graphics of high-resolution or sound-heavy audio files (high bit rate).

×：Hiding by abstraction.

Steganography is incorrect because it is concealment by abstraction. Security by obscurity means that someone uses secrecy as a way to protect an asset, rather than actually using the measure to secure something.

×：Just as encryption does, steganography is not a front for the existence of the sensitive data itself.

It is true that steganography does not draw attention to itself as does encryption. In other words, it is concealment by abstraction.

×：Media files are ideal for steganographic transmissions that are large in size.

This is incorrect because it is true that larger media files are ideal for steganographic transmissions because everyone needs to privately use multiple bits to manipulate with low likelihood of noticing.

〇：PCI DSS

PCI DSS (Payment Card Industry Data Security Standard) is a framework to avoid personal information leakage when making electronic payments. Therefore, the correct answer is “PCI DSS.

By the way, if you were to ask, “Which of the following are possible?” I am tempted to argue that other frameworks may be used as well. However, in the CISSP exam, you may have to choose “the most plausible” option in some cases. Therefore, we have used this phrase.

×：HITECH

The Health Information Technology for Economic and Clinical Health Act (HITECH) is an enhanced version of HIPPA that applies not only to data management but also to health care business associates.

×：OCTAVE

OCTAVE is one of the risk assessment frameworks introduced in CERT.

×：COBIT

COBIT is a framework for measuring the maturity of a company’s IT governance. It was proposed by the Information Systems Control Association of America (ISACA) and the IT Governance Institute (ITGI).

The data link layer or Layer 2 of the OSI model adds a header and trailer to the packet to prepare the packet in binary format in local area network or wide area network technology for proper line transmission. Layer 2 is divided into two functional sublayers. The upper sublayer is logical link control (LLC), which is defined in the IEEE 802.2 specification. It communicates with the network layer above the data link layer. Below the LLC is the Media Access Control (MAC) sublayer, which specifies interfaces with the protocol requirements of the physical layer.

〇：Multiple major and used usages should be screened to make sure they work on the target browsers.

If the service is for BtoC, it is considered that more target users should be supported.

×：It should be checked if it works on a particular browser.

User cases that do not work on certain browsers may occur after release.

×：Confirm that it works on the most secure browser.

If it is secure, it is expected to work in the most restricted of browsers.

In reality, however, browser specifications also vary, including browser backs and terminals.

×：Make sure it works on OS-standard browsers.

Browsers are not just OS standard. In reality, end users also download and use their favorite browsers from app stores.

〇：The cloud provider is provided a platform as a service that provides a computing platform that may include an operating system, database, and web servers.

Cloud computing is a term used to describe the aggregation of network and server technologies, each virtualized, to provide customers with a specific computing environment that matches their needs. This centralized control provides end users with self-service, broad access across multiple devices, resource pooling, rapid elasticity, and service monitoring capabilities.

There are different types of cloud computing products: IaaS provides virtualized servers in the cloud; PaaS allows applications to be developed individually; SaaS allows service providers to deploy services with no development required and with a choice of functionality; and IaaS allows customers to choose the type of service they want to use. ” The term “PaaS” must fit the definition of “PaaS” because it requires that “the original application configuration remains the same”. Thus, the correct answer is, “The cloud provider provides a computing platform that may include an operating system, database, and web server, where the platform as a service is provided.” The following is the correct answer

×：The cloud provider is provided with an infrastructure as a service that provides a computing platform that can include an operating system, database, and web servers.

IaaS Description.

×：The cloud provider is provided with software services that provide an infrastructure environment similar to that of a traditional data center.

This is a description of the operational benefits of cloud computing. It is not a definition.

×：The cloud provider provides software as a service in a computing platform environment where application functionality is internalized.

SaaS Description.

HIPAA covered entities and the organizations and individuals who assist them in their business are treated in the same manner as HIPAA covered entities. Health care providers, health information clearinghouses, and health insurance plans are covered entities. Developers of health apps are responsible as programmers rather than holders or plan holders of bodily information. They may not be covered by HITECH, which focuses on how body information is managed. Therefore, the correct answer is “health app developer”.

It is not necessary to know the detailed HITECH requirements. You can classify them based on whether or not you are dealing with information and answer the questions by process of elimination.

Student numbers, which are left to the control of each school, cannot be considered privacy information because they are not sufficient information to identify an individual.

Stored data is data that is stored on a disk or other media. Transmitted data is data flowing over a network. Used data is data that is in memory, cache, etc. and in use. Just because it is being transported by truck does not make it data that is being transferred. Therefore, “stored data” is the correct answer.

UDP (User Datagram Protocol) floods are often used in distributed denial of service (DDOS) attacks because they are connectionless and yet allow for easy generation of UDP messages from various scripting and compilation languages. UDP is a datagram protocol.

〇：Test with reference to OSSTMM.

OSSTMM (Open Source Security Testing Methodology Manual) is an open source penetration testing standard. Open source is basically free and has many amazing features. Because it is free and anyone can use it, there is a view that trust is low. However, there is nothing like it if you properly understand the risks. That is why we are trying to create a testing standard for open source to ensure trust. Therefore, the correct answer is: “Test with reference to OSSTMM.” will be “OSSTMM”.

×：Since open source is fully tested at the point of development, the testing process can be omitted.

Even if it is open source, you need to test it according to your own organization.

×：Secure contact information for the developer and conduct testing with both developers.

If you contact the open source developer, these responses will probably not go through.

Most open source developers are doing this in good faith and may be brazen about further pursuit from the organization.

×：Ask other organizations to share completed tests.

The process of getting test results that may be confidential from other organizations is unreasonable.

〇：Salt

A rainbow table is a pre-built list of ciphertexts that match plaintext and have hashes that match passwords. The table can contain millions of pairs. Salting is random data used as additional input to a one-way function that “hashes” a password or passphrase. The primary function of a salting is to protect against dictionary or compiled rainbow table attacks.

×：Login Attempt Restrictions

Effective against all unauthorized login methods, but not a direct or effective countermeasure against rainbow tables.

×：Key stretching

Replacing passwords with longer, random strings for encryption purposes.

×：Hashing

Password hashing is a fixed-length cipher (hash) statement for secure password storage.

〇：For early detection or enclosure in the event of an attack.

Attackers will conduct an investigation before launching a substantial attack. In such cases, a vulnerable network can provide preventative information such as where the attacker is accessing the network from. This is because only an attacker would have the incentive to break into the network. Vulnerable network domains, such as honeypots, make this kind of intrusion easier and clarify the attacker’s behavior. Thus, the correct answer is “to detect or enclose them early in the event of an attack.” will be

×：Debugging environment for when a system outage occurs in the current environment.

The answer is not to intentionally create a vulnerable environment. It is only the result of creating an environment that is vulnerable.

×：Aiming to prevent regressions due to old vulnerabilities.

Even if it is an old vulnerability, it should be addressed and there is no point in allowing it to remain.

×：A special environment for running a product with a low version that is no longer supported.

It is not an answer to intentionally create a vulnerable environment. It is merely the result of creating an environment that is vulnerable.

Distributed Denial of Service (DDoS) attacks usually do not provide financial gain to the attacker. Often, the motivation is revenge, disagreement with the organization’s policy decisions, or the attacker proving the extent of his or her animosity toward the organization. Certainly, it can be used to bloat the cost of a pay-as-you-go cloud service by causing it to consume more resources than expected by accessing it in large volumes, but it is a mistake in that it is not the financial objective of the parties involved.

〇：Check for errors caused by principal code modifications.

Regression testing finds defects after code changes have occurred. It looks for reduced or lost functionality, including old bugs. Therefore, the correct answer is: “Check for errors due to changes in the main code.” will be.

×：Install the developed software on the customer’s hardware.

This is not a test, but part of the release.

×：Checking the detection and processing when faced with a failure.

This is so-called troubleshooting and is accomplished by handing over the operational plan and procedures to the operations team.

×：Checking the interfaces of software components.

This is testing against the interface and is performed as part of the test items for internal and external coupling tests.

Web access management (WAM) software controls what users can access when interacting with Web-based corporate assets using a Web browser. This type of technology is continually becoming more robust and experiencing increased deployment. This is due to the increased use of e-commerce, online banking, content delivery, and Web services. The basic components and activities of the Web access control management process are

• The user submits credentials to the web server.
• The web server requests the WAM platform to authenticate the user. WAM authenticates to the LDAP directory and obtains credentials from the policy database.
• The user requests access to a resource (object).
• The web server verifies that object access is allowed and grants access to the requested resource.

When the complicated term WAM is mentioned, the journey begins to search for a definition of WAM that may be at the end of one’s brain. But as these thoughts begin, you will want the hard answers, like the X.500 database. But if you don’t know, it is straightforward to interpret and answer to the best of your understanding; if you interpret WAM as software that controls access to a Web server, then the question is, “Which is the correct definition of WAM?” Rather than “What do you think software that controls access to a web server does?” rather than “What do you think software that controls access to a web server does? However, it is still tempting to factor in the possibility that WAM is a solution that uses a specific technology that may be unfamiliar to you.

〇：Digital Signature

A digital signature is a hash value encrypted with the sender’s private key. The act of signing means encrypting a hash value of a message with a private key. A message can be digitally signed, providing authentication, non-repudiation, and integrity. The hash function guarantees the integrity of the message, and the signature of the hash value provides authentication and non-repudiation.

×：Encryption Algorithms

Encryption algorithms are wrong because they provide confidentiality. Encryption is most commonly performed using symmetric algorithms. Symmetric algorithms can provide authentication, non-repudiation, and integrity as well as confidentiality.

×：Hash Algorithms

Hash algorithms are wrong because they provide data integrity. Hash algorithms generate a message digest, which detects whether modifications have been made (also called a hash value). The sender and receiver individually generate their own digests, and the receiver compares these values. If they differ, the receiver can know the message has been modified. Hash algorithms cannot provide authentication or non-repudiation.

×：Encryption paired with digital signatures

This is incorrect because encryption and digital signatures provide confidentiality, authentication, non-repudiation, and integrity. Encryption alone provides confidentiality. And digital signatures provide authentication, non-repudiation, and integrity. The question requires that it can provide authentication, non-repudiation, and integrity. It is a nasty question.

〇：To allow the database to execute transactions as a single unit without interruption.

Online transaction processing (OLTP) is used when databases are clustered to provide high fault tolerance and performance. It provides a mechanism to monitor and address problems as they occur. For example, if a process stops functioning, the monitoring function within OLTP will detect and attempt to restart the process. If the process cannot be restarted, the transaction that occurred is rolled back to ensure that no data has been corrupted or that only a portion of the transaction occurred; OLTP records when the transaction occurred (in real time). Usually multiple databases in a distributed environment are updated.

This classification by the extent to which transaction processing is appropriate is very complex. Therefore, database software must implement ACID characteristics. Among them is atomicity, which means that the transaction is either executed entirely or not executed at all. It is the property that a transaction must either be executed completely or not at all.

When a question like this is answered incorrectly, judging that you could not solve it because you did not know OLTP will hinder your future study methods. Although the question text is worded in a complicated way, it is more important to understand what atomicity is in ACID than to memorize the definition of OLTP to solve the actual question.

×：To be able to establish database consistency rules.

It enforces the consistency rules as stated in the database security policy, but does not imply transaction atomicity.

×：To prevent rollbacks from occurring.

Transaction atomicity does not refer to suppressing rollbacks.

×：To prevent concurrent processes from interacting with each other.

This falls under independence, isolation, and segregation. Independence, isolation, and quarantine (isolation) means that the processes are hidden from other operations during processing. It is the property that even if multiple transactions are executed simultaneously, they must not produce the same processing results as if they were executed alone.

In an asymmetric algorithm, every user must have at least one key pair (private and public key). In a public key system, each entity has a separate key. The formula for determining the number of keys needed in this environment is by the number N × 2, where N is the number of people to distribute. In other words, 260 x 2 = 520. Therefore, the correct answer is 520.

〇：Intercept anti-malware calls to the operating system for file system information.

This is a “no” question. Polymorphic viruses attempt to fool anti-malware scanners. In particular, they use methods to generate operational copies. Even if the anti-malware software detects and disables one or two copies, the other copies remain active in the system.

This problem must be solved by process of elimination. What definitions are polymorphic viruses? If you remember the word list “what is a polymorphic virus,” you may not understand what makes a polymorphic virus unique. The most striking feature of polymorphic viruses is that they repeatedly change entities.

×：Using noise, mutation engines, or random number generators to change the sequence of instructions.

Polymorphic-type viruses may change the sequence of instructions by including noise or false instructions along with other useful instructions. They can also use mutation engines and random number generators to alter the sequence of instructions in the hope that they will not be detected. The original functionality remains intact, but the code is altered, making it nearly impossible to identify all versions of the virus using a fixed signature.

×：Different encryption schemes that require different decryption routines can be used.

Polymorphic-type viruses can use different encryption schemes that require different decryption routines. This requires an anti-malware scan to identify all copies of this type of virus, one for each possible decryption method. Polymorphic virus creators hide the encrypted virus payload and add decryption methods to the code. Once encrypted, the code becomes meaningless, but that does not necessarily mean that the encrypted virus is a polymorphic virus and thus escapes detection.

×：Create multiple and various copies.

Polymorphic viruses generate multiple, varied copies in order to avoid detection by anti-malware software.

〇：SMTP lacks proper authentication mechanisms.

Email spoofing is easy to perform if the SMTP lacks proper authentication mechanisms. An attacker can spoof the sender address of an e-mail by sending a Telnet command to port 25 of the mail server. The spammer uses e-mail spoofing to prevent himself from being identified.

×：The administrator forgot to configure a setting that prevents inbound SMTP connections for non-functioning domains.

If it is spoofed, the email sender is also spoofed. This can happen even if you prevent inbound SMTP connections for a domain.

×：Technically abolished by keyword filtering.

Filtering is not very effective against spoofing. Therefore, even if it is technically obsolete, it is unlikely to be the cause.

×：The blacklist function is not technically reliable.

If an email is spoofed, the sender of the email is also spoofed. This can happen even if the filtering function is not reliable.

〇：Test the restore procedure.

The ability to successfully restore from a backup must be tested periodically. Therefore, the correct answer is: “Test the restore procedure.” will be

×：Ensure that all user data is backed up.

Making copies of user data is important, but copies are useless unless it is ensured that the copies can be restored.

×：Back up the database management system (DBMS) to your own specifications.

While it is a good idea to use measures to meet the proprietary specifications of the DBMS to ensure that transactional copies are usable, those copies will not be trusted unless the restores are tested.

×：Ensure that the backup log files are complete.

Monitoring backup logs for completion is good operational practice, but it is wrong because it is no substitute for regular testing of the backups themselves and their ability to truly recover from data loss.

Sabotage is an attack by an insider.

Cross-site tracing is an attack to obtain authentication information by embedding TRACE method HTTP communication in a web page. Suppose the TRACE method is embedded in the login screen by XSS. After the password to log in is sent, it is returned by TRACE and comes back. The password that has just been sent is returned to the browser, leading to a compromise.

〇：The security kernel implements and executes the reference monitor

The Trusted Computing Base (TCB) is a complete combination of protection mechanisms for a system. These are in the form of hardware, software, and firmware. These same components also comprise the security kernel. Reference monitors are access control concepts implemented and enforced by the security kernel via hardware, software, and firmware. In doing so, it ensures that the security kernel, the subject, has the proper permissions to access the object it is requesting. The subject, be it a program, user, or process, cannot access the requesting file, program, or resource until it is proven that it has the proper access rights.

×：The reference monitor is the core of the Trusted Computing Base (TCP), which is comprised of the security kernel.

This is incorrect because the reference monitor is not the core of the TCB. The core of the TCB is the security kernel, and the security kernel implements the concepts of the reference monitor. The reference monitor is a concept about access control. It is often referred to as an “abstract machine” because it is not a physical component.

×：The reference monitor implements and executes the security kernel.

The reference monitor does not implement and execute the security kernel, which is incorrect. On the contrary, the security kernel implements and executes the reference monitor. The reference monitor is an abstract concept, while the security kernel is a combination of hardware, software, and firmware in a trusted computing base.

×：The security kernel, i.e., the abstract machine, implements the concept of a reference monitor.

This is incorrect because abstract machine is not another name for security kernel. Abstract machine is another name for the reference monitor. This concept ensures that the abstract machine acts as an intermediary between the subject and the object, ensuring that the subject has the necessary rights to access the object it is requesting and protecting the subject from unauthorized access and modification. The security kernel functions to perform these activities.

Disaster Recovery Planning (DRP) is the process of creating short-term plans, policies, procedures, and tools to enable the recovery or continuation of critical IT systems in the event of a disaster. It focuses on the IT systems that support critical business functions and how they will be restored after a disaster. For example, it considers what to do if you suffer a distributed denial of service (DDOS) attack, if your servers are compromised, if there is a power outage, etc. BCP is more focused on what should happen and does not necessarily include system requirements.

〇：Keys are generated from a master key.

To generate a composite key, a master key is created and a symmetric key (subkey) is generated. The key derivation function generates the encryption key from the secret value. The secret value can be a master key, passphrase, or password. The key derivation function (KDF) generates a key for symmetric key ciphers from a given password.

×：Session keys are generated from each other.

Session keys are generated from each other, not from the master key, which is incorrect.

×：Asymmetric ciphers are used to encrypt symmetric keys.

It is incorrect because key encryption is not even related to the key derivation function (KDF).

×：The master key is generated from the session key.

Reverse, incorrect. Session keys are generally generated from master keys.

〇：Public key infrastructure is a mechanism configuration for public key cryptographic distribution, and public key cryptography is another name for asymmetric encryption.

Public key cryptography is asymmetric cryptography. The terms are used interchangeably. Public key cryptography is a concept within the Public Key Infrastructure (PKI), which consists of various parts such as Certificate Authorities, Registration Authorities, certificates, keys, programs, and users. Public Key Infrastructure is used to identify and create users, distribute and maintain certificates, revoke and distribute certificates, maintain encryption keys, and for the purpose of encrypted communication and authentication.

×：Public key infrastructure uses symmetric algorithms and public key cryptography uses asymmetric algorithms.

This is incorrect because the public key infrastructure uses a hybrid system of symmetric and asymmetric key algorithms and methods. Public key cryptography is to use asymmetric algorithms. Therefore, asymmetric and public key cryptography are interchangeable, meaning they are the same. Examples of asymmetric algorithms are RSA, elliptic curve cryptography (ECC), Diffie-Hellman, and El Gamal.

×：Public key infrastructure is used to perform key exchange, while public key cryptography is used to create public/private key pairs.

This is incorrect because public key cryptography is the use of asymmetric algorithms used to create public/private key pairs, perform key exchange, and generate and verify digital signatures.

×：Public key infrastructure provides confidentiality and integrity, while public key cryptography provides authentication and non-repudiation.

Incorrect because the public key infrastructure itself does not provide authentication, non-repudiation, confidentiality, or integrity.

〇：Password authentication and secret questions

Passwords are a memory-based authentication method. The secret question is also a memory-based authentication method, and is not a combination of two-factor authentication methods. Therefore, the correct answer is “password authentication and secret question.

×：Password authentication and fingerprint authentication

It is memory authentication information x body authentication information. This is a multi-factor authentication.

×：Password authentication and one-time password authentication using a token machine.

This is memory authentication information x possession authentication information. This is a multi-factor authentication.

×：Password authentication and IC card authentication

This is memory authentication information × possession authentication information. This is a multi-factor authentication.

〇：Representatives from each department meet and undergo validation.

Structured walk-through testing allows functional personnel to review the plan as it is fulfilled to ensure its accuracy and validity.

×：Ensures that some systems will run at alternate sites.

This is incorrect because it describes parallel testing.

×：Send a copy of the disaster recovery plan to all departments to verify its completeness.

This is incorrect because it describes a checklist test.

×：Take down the normal operation system.

This is incorrect because it describes a full interruption test.

〇：IP Session Restriction via Media Gateway

The VoIP Media Gateway translates Internet Protocol (VoIP) voice over time division multiplexing (TDM) voice to and from. As a security measure, the number of calls through the Media Gateway should be limited. The Media Gateway is vulnerable to denial-of-service attacks, hijacking, and other types of attacks.

×：Identification of Rogue Devices  

Incorrect, as rogue devices on both IP telephony and data networks need to be identified.

×：Implementation of Authentication

Incorrect because authentication is recommended for both data and voice networks.

×：Encryption of packets containing sensitive information

Incorrect because sensitive data can be transmitted over either voice or data networks and must be encrypted in both cases. Eavesdropping is a very real threat for VoIP networks.

〇：Conduct business impact analysis

While no specific scientific equation must be followed to create a continuity plan, certain best practices have been proven over time. The National Institute of Standards and Technology (NIST) organization is responsible for developing and documenting many of these best practices so that they are readily available to all. NIST outlines seven steps in Special Publication 800-34 Rev 1, Continuity Planning Guide for Federal Information Systems. Conduct a business impact analysis. Identify preventive controls. Develop a contingency strategy. Develop an information systems contingency plan. Ensure testing, training, and exercises of the plan. Ensure the plan is maintained. Conduct a business impact analysis by identifying critical functions and systems and prioritize them as needed. It also includes identifying vulnerabilities and threats and calculating risks.

×：Identify preventive controls

Wrong because critical functions and systems are prioritized and preventive controls need to be identified after their vulnerabilities, threats, and identified risks (all of which are part of a business impact analysis). Conducting a business impact analysis involves step 2, which is to create a continuity plan, and step 3, which is to identify preventive controls.

×：Develop a Continuity Plan Policy Statement

This is incorrect because you need to create a policy that provides the guidance needed to develop a business continuity plan and assigns authority to the roles needed to perform these tasks. This is the first step in creating a business continuity plan and is done before identifying and prioritizing critical systems and functions that are part of the business impact analysis.

×：Create contingency strategies

Creating a contingency strategy is incorrect because it requires formulating a method to ensure that systems and critical functions are brought online quickly. Before this can be done, a business impact analysis must be performed to determine critical systems and functions and prioritize them during recovery.

〇：To make information physically unrecoverable by any special effort.

Purging is the removal of sensitive data from disk. Software deletion of files on disk does not actually erase the data, only disconnects it from the location of the on-disk data. This means that if the data on the disk containing sensitive information cannot be completely erased, physical destruction is also necessary.

×：To change the polarization of atoms on a medium.

This is not a description of purging.

×：Do not authorize the reuse of media in the same physical environment for the same purpose.

While such an approval process may exist in practice, it is not a description of purging as data deletion.

×：To make data on media unrecoverable by overwriting it.

Simply overwriting media with new information does not eliminate the possibility of recovering previously written information.

Therefore, it does not fit the description of purging.

〇：Software Configuration Management

Products that provide software configuration management (SCM) identify software attributes at various points in time and provide systematic control of change to maintain software integrity and traceability throughout the software development life cycle. It defines the need to track changes and provides the ability to verify that the final delivered software has all of the approved changes that are supposed to be included in the release. During a software development project, it is stored in a system that can be managed as a centralized code repository and perform SCM functions to track revisions made by multiple people to a single master set.

×：Software Change Control Management

This is incorrect as it is not an official term for this type of function. Software Change Control Management is only part of Software Configuration Management. Software configuration management systems provide concurrency management, version control, and synchronization.

×：Software Escrow

A software escrow framework in which a third party holds a copy of the source code that will be released to the customer in the event of certain circumstances, such as bankruptcy of the vendor who developed the code.

×：Software Configuration Management Escrow

Incorrect, as this is not an official term for this type of functionality.

Point-to-Point Tunneling Protocol (PPTP) is a way to implement a virtual private network (VPN). It is Microsoft’s proprietary VPN protocol that operates at the data link layer of the OSI model; PPTP can only provide a single connection and can operate over a PPP connection.

〇：The ability to control access close to the resource.

Central access control has various advantages such as uniform rules and reduced operational burden. Distributed access control allows access control in close proximity to resources, thus protecting resources independently.

×：It should be possible to design a comprehensive

Distributed access control is not a comprehensive design because the authentication and authorization functions are distributed.

×：Relatively low cost.

Whether or not costs can be kept down cannot be determined by this design concept alone.

×：Logs from various devices make it easier to understand the current status.

Both central access control and distributed access control can acquire logs from various devices.

〇：The use of IM can be stopped by simply blocking certain ports on the network firewall.

Instant messaging (IM) allows people to communicate with each other via real-time and personal chat room types. These technologies will have the ability to transfer files. Users install an IM client and are assigned a unique identifier; they provide this unique identifier to anyone they wish to communicate with via IM. ineffective.

Another way to answer the question is to say that the question itself confirms our understanding of security, and then we can lay down the assumption that “should not be included in the presentation” means that we should not say anything that will later be held liable. There will be far more events that indicate that there is a possibility than events that say there is no possibility at all.

×：Sensitive data and files can be transferred from system to system via IM.

This is incorrect because in addition to text messages, instant messaging allows files to be transferred from system to system. These files could contain sensitive information, putting the company at business or legal risk. And sharing files via IM will use that much network bandwidth and impact network performance.

×：Users can be subjected to attacks posing as legitimate senders from malware containing information.

Incorrect because it is true. Due to lack of strong authentication, accounts can be falsified because there is to accept information from malicious users of the legitimate sender, not the receiver. There will also be numerous buffer overflows and malformed packet attacks that have been successful with different IM clients.

×：A security policy is needed specifying IM usage limits.

This is incorrect because his presentation should include the need for a security policy specifying IM usage restrictions. This is only one of several best practices to protect the environment from IM-related security breaches. Other best practices include upgrading IM software to a more secure version that configures the firewall to block IM traffic, implementing a corporate IM server so that only internal employees communicate within the organization’s network, and implementing an integrated Includes implementing an antivirus/firewall product.

〇：Telnet must be used to send commands and data.

Telnet sends all data, including administrator credentials, in plain text and should not be allowed for remote administration. This type of communication should be via a more secure protocol, such as SSH.

×：Only a small number of administrators should be allowed to perform remote functions.

Wrong, as it is true that only a few administrators should be able to perform remote functions. This minimizes the risk to the network.

×：Critical systems should be managed locally, not remotely.

Wrong because it is true that critical systems need to be managed locally, not remotely. It is safer to send management commands on an internal private network than over a public network.

×：Strong authentication is required.

Wrong because it is true that strong authentication is required for any management activity. Anything weaker than strong authentication, such as a password, is easy for an attacker to break in and gain administrative access.

〇：Unified Threat Management

Unified Threat Management (UTM) appliance products have been developed to provide firewall, malware, spam, IDS / IPS, content filtering, data leak prevention, VPN capabilities, and continuous monitoring and reporting in computer networks.

Since this question asks for a definition of Unified Threat Management that is unfamiliar or not even mentioned in the course material, it is inefficient to buy and study a new book just to get this score. To avoid ending up with “I don’t know = I can’t solve it,” be sure to develop the habit of choosing a “better answer.

If you think in terms of the classification Concepts/Standards > Solutions/Implementation Methods, ISCM (NIST SP800-137) and centralized access control systems are the former, while Unified Threat Management and cloud-based security solutions are the latter. Therefore, it is still better to bet on unified threat management and cloud-based security solutions.

×：ISCM (NIST SP800-137)

Because continuous monitoring in the security industry is most commonly Information Security Continuous Monitoring ISCM (NIST SP800-137), which enables companies to gain situational awareness, continuous awareness of information security, vulnerabilities, and threats to support business risk management decisions , is incorrect.

×：Centralized Access Control System

Wrong because a centralized access control system does not attempt to combine all of the security products and capabilities mentioned in the issue. A centralized access control system is used so that its access control can be enforced in a standardized manner across different systems in a network environment.

×：Cloud-based security solutions

Cloud-based security solutions include security managed services that allow an outsourced company to manage and maintain a company’s security devices and solutions, but this is not considered a cloud-based solution. The cloud-based solution provides the infrastructure environment, platform, or application to the customer so that the customer does not have to spend time and money maintaining these items themselves.