CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISC
  5. SSCP

Free SSCP Exam Braindumps (page: 46)

Page 45 of 269
PDF with 1074 Questions

Which of the following biometric parameters are better suited for authentication use over a long period of time?

  1. Iris pattern
  2. Voice pattern
  3. Signature dynamics
  4. Retina pattern

Answer(s): A

Explanation:

The iris pattern is considered lifelong. Unique features of the iris are: freckles, rings, rifts, pits, striations, fibers, filaments, furrows, vasculature and coronas. Voice, signature and retina patterns are more likely to change over time, thus are not as suitable for authentication over a long period of time without needing re-enrollment.


Reference:

FERREL, Robert G, Questions and Answers for the CISSP Exam, domain 1 (derived from the Information Security Management Handbook, 4th Ed., by Tipton & Krause).



In the CIA triad, what does the letter A stand for?

  1. Auditability
  2. Accountability
  3. Availability
  4. Authentication

Answer(s): C

Explanation:

The CIA triad stands for Confidentiality, Integrity and Availability.



Which TCSEC class specifies discretionary protection?

  1. B2
  2. B1
  3. C2
  4. C1

Answer(s): D

Explanation:

C1 involves discretionary protection, C2 involves controlled access protection, B1 involves labeled security protection and B2 involves structured protection.


Reference:

TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.



Which of the following access control techniques best gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization's structure?

  1. Access control lists
  2. Discretionary access control
  3. Role-based access control
  4. Non-mandatory access control

Answer(s): C

Explanation:

Role-based access control (RBAC) gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization's structure. Each user is assigned one or more roles, and each role is assigned one or more privileges that are given to users in that role. An access control list (ACL) is a table that tells a system which access rights each user has to a particular system object. With discretionary access control, administration is decentralized and owners of resources control other users' access. Non- mandatory access control is not a defined access control technique.


Reference:

ANDRESS, Mandy, Exam Cram CISSP, Coriolis, 2001, Chapter 2: Access Control Systems and Methodology (page 9).






Post your Comments and Discuss ISC SSCP exam with other Community members:

SSCP Discussions & Posts