CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISC
  5. SSCP

Free SSCP Exam Braindumps (page: 28)

Page 27 of 269
PDF with 1074 Questions

Access Control techniques do not include which of the following choices?

  1. Relevant Access Controls
  2. Discretionary Access Control
  3. Mandatory Access Control
  4. Lattice Based Access Control

Answer(s): A

Explanation:

Access Control Techniques
Discretionary Access Control
Mandatory Access Control
Lattice Based Access Control
Rule-Based Access Control
Role-Based Access Control


Reference:

DUPUIS, Clement, Access Control Systems and Methodology, Version 1, May 2002, CISSP Open Study Group Study Guide for Domain 1, Page 13.



Access Control techniques do not include which of the following?

  1. Rule-Based Access Controls
  2. Role-Based Access Control
  3. Mandatory Access Control
  4. Random Number Based Access Control

Answer(s): D

Explanation:

Access Control Techniques
Discretionary Access Control
Mandatory Access Control
Lattice Based Access Control
Rule-Based Access Control
Role-Based Access Control


Reference:

DUPUIS, Clement, Access Control Systems and Methodology, Version 1, May 2002, CISSP Open Study Group Study Guide for Domain 1, Page 13.



Which of the following statements relating to the Bell-LaPadula security model is FALSE (assuming the Strong Star property is not being used) ?

  1. A subject is not allowed to read up.
  2. The property restriction can be escaped by temporarily downgrading a high level subject.
  3. A subject is not allowed to read down.
  4. It is restricted to confidentiality.

Answer(s): C

Explanation:

It is not a property of Bell LaPadula model.
The other answers are incorrect because:
A subject is not allowed to read up is a property of the 'simple security rule' of Bell LaPadula model.
The property restriction can be escaped by temporarily downgrading a high level subject can be escaped by temporarily downgrading a high level subject or by identifying a set of trusted objects which are permitted to violate the property as long as it is not in the middle of an operation.
It is restricted to confidentiality as it is a state machine model that enforces the confidentiality aspects of access control.


Reference:

Shon Harris AIO v3 , Chapter-5 : Security Models and Architecture , Page:279-282



Which of the following logical access exposures INVOLVES CHANGING data before, or as it is entered into the computer?

  1. Data diddling
  2. Salami techniques
  3. Trojan horses
  4. Viruses

Answer(s): A

Explanation:

It involves changing data before , or as it is entered into the computer or in other words , it refers to the alteration of the existing data.
The other answers are incorrect because :
Salami techniques : A salami attack is the one in which an attacker commits several small crimes with the hope that the overall larger crime will go unnoticed.
Trojan horses: A Trojan Horse is a program that is disguised as another program. Viruses:A Virus is a small application , or a string of code , that infects applications.


Reference:

Shon Harris , AIO v3
Chapter - 11: Application and System Development, Page : 875-880
Chapter - 10: Law, Investigation and Ethics , Page : 758-759






Post your Comments and Discuss ISC SSCP exam with other Community members:

SSCP Discussions & Posts