What refers to legitimate users accessing networked services that would normally be restricted to them?
Answer(s): D
Unauthorized access of restricted network services by the circumvention of security access controls is known as logon abuse. This type of abuse refers to users who may be internalto the network but access resources they would not normally be allowed.
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 74).
In regards to information classification what is the main responsibility of information (data) owner?
Answer(s): A
Making the determination to decide what level of classification the information requires is the main responsibility of the data owner.The data owner within classification is a person from Management who has been entrusted with a data set that belong to the company. It could be for example the Chief Financial Officer (CFO) who has been entrusted with all financial date or it could be the Human Resource Director who has been entrusted with all Human Resource data. The information owner will decide what classification will be applied to the data based on Confidentiality, Integrity, Availability, Criticality, and Sensitivity of the data.The Custodian is the technical person who will implement the proper classification on objects in accordance with the Data Owner. The custodian DOES NOT decide what classification to apply, it is the Data Owner who will dictate to the Custodian what is the classification to apply.NOTE:The term Data Owner is also used within Discretionary Access Control (DAC). Within DAC it means the person who has created an object. For example, if I create a file on my system then I am the owner of the file and I can decide who else could get access to the file. It is left to my discretion. Within DAC access is granted based solely on the Identity of the subject, this is why sometimes DAC is referred to as Identity Based Access Control.The other choices were not the best answerRunning regular backups is the responsibility of custodian.Audit the data users is the responsibility of the auditors Periodically check the validity and accuracy of the data is not one of the data owner responsibility
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Page 14, Chapter 1: Security Management Practices.
Which of the following is not a two-factor authentication mechanism?
Something you know and a password fits within only one of the three ways authentication could be done. A password is an example of something you know, thereby something you know and a password does not constitute a two-factor authentication as both are in the same category of factors.A two-factor (strong) authentication relies on two different kinds of authentication factors out of a list of three possible choice:something you know (e.g. a PIN or password),something you have (e.g. a smart card, token, magnetic card), something you are is mostly Biometrics (e.g. a fingerprint) or something you do (e.g. signature dynamics).TIP FROM CLEMENT:On the real exam you can expect to see synonyms and sometimes sub-categories under the main categories. People are familiar with Pin, Passphrase, Password as subset of Something you know.However, when people see choices such as Something you do or Something you are they immediately get confused and they do not think of them as subset of Biometrics where you have Biometric implementation based on behavior and physilogical attributes. So something you do falls under the Something you are category as a subset.Something your do would be signing your name or typing text on your keyboard for example.Strong authentication is simply when you make use of two factors that are within two different categories.
Shon Harris, CISSP All In One, Fifth Edition, pages 158-159
Which of the following access control models introduces user security clearance and data classification?
The mandatory access control model is based on a security label system. Users are given a security clearance and data is classified. The classification is stored in the security labels of the resources. Classification labels specify the level of trust a user must have to access a certain file.
HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter 4: Access Control (Page 154).
Password management falls into which control category?
Answer(s): C
Password management is an example of preventive control. Proper passwords prevent unauthorized users from accessing a system.There are literally hundreds of different access approaches, control methods, and technologies, both in the physical world and in the virtual electronic world. Each method addresses a different type of access control or a specific access need.For example, access control solutions may incorporate identification and authentication mechanisms, filters, rules, rights, logging and monitoring, policy, and a plethora of other controls. However, despite the diversity of access control methods, all access control systems can be categorized into seven primary categories.The seven main categories of access control are:1. Directive: Controls designed to specify acceptable rules of behavior within an organization2. Deterrent: Controls designed to discourage people from violating security directives3. Preventive: Controls implemented to prevent a security incident or information breach4. Compensating: Controls implemented to substitute for the loss of primary controls and mitigate risk down to an acceptable level5. Detective: Controls designed to signal a warning when a security control has been breached6. Corrective: Controls implemented to remedy circumstance, mitigate damage, or restore controls7. Recovery: Controls implemented to restore conditions to normal after a security incident
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 1156-1176). Auerbach Publications. Kindle Edition.
Share your comments for ISC SSCP exam with other users:
please upload apache spark dumps
q14 is b&c to reduce you will switch off mail for every single alert and you will switch on daily digest to get a mail once per day, you might even skip the empty digest mail but i see this as a part of the daily digest adjustment
i think it is good question
good for students who wish to give certification.
is there a google drive link to the images? the links in questions are not working.
very promising, looks great, so much wow!
i scored 87% on the az-204 exam. thanks! i always trust
good need more
sample questions seems good
huawei is ok
good one nice
please continue
this exam dumps just did the job. i donot want to ruffle your feathers but your exam dumps and mock test engine is amazing.
nice questions
the explanation are really helpful
just passed my exam yesterday on my first attempt. these dumps were extremely helpful in passing first time. the questions were very, very similar to these questions!
cosmos db is paas not saas
what is the percentage of common questions in gcp exam compared to 197 dump questions? are they 100% matching with real gcp exam?
not able to see questions
by far one of the best sites for free questions. i have pass 2 exams with the help of this website.
excellent question bank.
it really helped
excelent material
the new versoin of this exam which i downloaded has all the latest questions from the exam. i only saw 3 new questions in the exam which was not in this dump.
question 8 - can cloudtrail be used for storing jobs? based on aws - aws cloudtrail is used for governance, compliance and investigating api usage across all of our aws accounts. every action that is taken by a user or script is an api call so this is logged to [aws] cloudtrail. something seems incorrect here.
question 13 tda - c01 answer : quick table calculation -> percentage of total , compute using table down
pls share teh dump
question 44 answer is user risk
please post the questions for preparation
thanks for the questions
please reopen it now ..its really urgent
these practice exam questions were exactly what i needed. the variety of questions and the realistic exam-like environment they created helped me assess my strengths and weaknesses. i felt more confident and well-prepared on exam day, and i owe it to this exam dumps!
thank u it very instructuf
its helpful?