S. Rao Vallabhaneni - CISSP Practice_ 2,250 Questions, Answers, and Explanations for Passing the Test-Wiley (2011) PART I

, Table of Contents
Cover

Domain 1: Access Control
Scenario-Based Questions, Answers, and Explanations
Sources and References

Domain 2: Telecommunications and Network
Security
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References

Domain 3: Information Security Governance and
Risk Management
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References

Domain 4: Software Development Security
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References

Domain 5: Cryptography
Traditional Questions, Answers, and Explanations

, Scenario-Based Questions, Answers, and Explanations
Sources and References

Domain 6: Security Architecture and Design
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References

Domain 7: Security Operations
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References

Domain 8: Business Continuity and Disaster
Recovery Planning
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References

Domain 9: Legal, Regulations, Investigations, and
Compliance
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References

Domain 10: Physical and Environmental Security
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References

, Domain 1

Access Control

1. For intrusion detection and prevention system capabilities,
stateful protocol analysis uses which of the following?
1. Blacklists
2. Whitelists
3. Threshold
4. Program code viewing
a. 1 and 2
b. 1, 2, and 3
c. 3 only
d. 1, 2, 3, and 4
1. d. Stateful protocol analysis (also known as deep packet inspection) is
the process of comparing predetermined profiles of generally accepted
definitions of benign protocol activity for each protocol state against
observed events to identify deviations. Stateful protocol analysis uses
blacklists, whitelists, thresholds, and program code viewing to provide
various security capabilities.
A blacklist is a list of discrete entities, such as hosts or applications that
have been previously determined to be associated with malicious
activity. A whitelist is a list of discrete entities, such as hosts or
applications known to be benign. Thresholds set the limits between
normal and abnormal behavior of the intrusion detection and prevention
systems (IDPS). Program code viewing and editing features are
established to see the detection-related programming code in the IDPS.
2. Electronic authentication begins with which of the following?
a. Token
b. Credential
c. Subscriber