- Which one of the following algorithms is not supported by the Digital Signature Standard?
(a) Digital Signature Algorithm
(b) RSA
(c) El Gamal DSA
(d) Elliptic Curve DSA
Answer:
(c)
Explanation:
DSS supports only three encryption algorithms (DSA, RSA & ECDSA) in conjunction with SHA-1 hashing.
- Which cryptosystem provides the encryption/decryption technology for the commercial version of the PGP secure email system?
(a) ROT13
(b) IDEA
(c) ECC
(d) El Gamal
Answer:
(b)
- Which one of the following cryptographic algorithms is now considered insecure?
(a) El Gamal
(b) RSA
(c) Elliptic Curve Cryptography
(d) Merkle-Hellman Knapsack
Answer:
(d)
- Which of the following are primary components of TCB? (Select all that apply)
(a) Reference monitor
(b) Security kernel
(c) Security perimeter
(d) Hardware & software elements used to enforce the security policy
Answers:
(a), (c), (d)
Explanation:
The primary components of the trusted computing base (TCB) are the hardware and software elements used to enforce the security policy (these elements are called the TCB), the security perimeter distinguishing & separating TCB components from non-TCB components, and the reference monitor that serves as an access control device across the security perimeter.
- What best describes a confined or constrained process?
(a) A process that can run only for a limited time
(b) A process that can run only during certain times of the day
(c) A process that can access only certain memory locations
(d) A process that controls access to an object
Answer:
(c)
- What is a security perimeter? (Choose all that apply)
(a) The boundary of the physically secure area surrounding your system
(b) The imaginary boundary that separates the TCB from the rest of the system
(c) The network where your firewall resides
(d) Any connections to your computer system
Answers:
(b), (a)
Explanation:
(b) is the best answer in the context of the Trusted Computing Base, but (a) is also true in the world of physical security.
- What is the implied meaning of the simple property of Biba?
(a) Write down
(b) Read up
(c) No write up
(d) No read down
Answer:
(b)
Explanation:
The stated meaning of the simple integrity axiom is “no read down”, which implies that “read up” is allowed.
- What security model has a feature that in theory has one name or label, but when implemented into a solution, takes on the name or label of the security kernel
(a) Graham-Denning model
(b) Deployment modes
(c) Trusted computing base
(d) Chinese Wall
Answer:
(c)
Explanation:
The TCB has a component known as the reference monitor in theory, which becomes the security kernel in implementation.
- What is system certification?
(a) Formal acceptance of a stated system configuration
(b) A technical evaluation of each part of a computer system to assess its compliance with security standards
(c) A functional evaluation of the manufacturer’s goals for each hardware & software component to meet integration standards
(d) A manufacturer’s certificate stating that all components were installed & configured correctly.
Answer:
(b)
- What is system accreditation?
(a) Formal acceptance of a stated system configuration
(b) A technical evaluation of each part of a computer system to assess its compliance with security standards
(c) A functional evaluation of the manufacturer’s goals for each hardware & software component to meet integration standards
(d) A manufacturer’s certificate stating that all components were installed & configured correctly.
Answer:
(a)
- Comment
- Reblog
-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
My CISSP Notes 