CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISC
  5. SSCP

Free SSCP Exam Braindumps (page: 73)

Page 72 of 269
PDF with 1074 Questions

Which of the following addresses a portion of the primary memory by specifying the actual address of the memory location?

  1. direct addressing
  2. Indirect addressing
  3. implied addressing
  4. indexed addressing

Answer(s): A

Explanation:

Absolute/Direct
+------+-----+--------------------------------------+
| load | reg | address |
+------+-----+--------------------------------------+
(Effective address = address as given in instruction)
This requires space in an instruction for quite a large address. It is often available on CISC machines which have variable-length instructions, such as x86.
Some RISC machines have a special Load Upper Literal instruction which places a 16-bit constant in the top half of a register. An OR literal instruction can be used to insert a 16-bit constant in the lower half of that register, so that a full 32-bit address can then be used via the register-indirect addressing mode, which itself is provided as "base-plus-offset" with an offset of 0. http://en.wikipedia.org/wiki/Addressing_mode (Very good coverage of the subject)
also see:


Reference:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, page 186.
also see:
http://www.comsci.us/ic/notes/am.html



Which of the following is NOT true concerning Application Control?

  1. It limits end users use of applications in such a way that only particular screens are visible.
  2. Only specific records can be requested through the application controls
  3. Particular usage of the application can be recorded for audit purposes
  4. It is non-transparent to the endpoint applications so changes are needed to the applications and databases involved

Answer(s): D


Reference:

TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 2, Auerbach.



Which of the following are NOT a countermeasure to traffic analysis?

  1. Padding messages.
  2. Eavesdropping.
  3. Sending noise.
  4. Faraday Cage

Answer(s): B

Explanation:

Eavesdropping is not a countermeasure, it is a type of attack where you are collecting traffic and attempting to see what is being send between entities communicating with each other.
The following answers are incorrect:
Padding Messages. Is incorrect because it is considered a countermeasure you make messages uniform size, padding can be used to counter this kind of attack, in which decoy traffic is sent out over the network to disguise patterns and make it more difficult to uncover patterns. Sending Noise. Is incorrect because it is considered a countermeasure, tansmitting non- informational data elements to disguise real data.
Faraday Cage Is incorrect because it is a tool used to prevent emanation of electromagnetic waves. It is a very effective tool to prevent traffic analysis.



Preservation of confidentiality within information systems requires that the information is not disclosed to:

  1. Authorized person
  2. Unauthorized persons or processes.
  3. Unauthorized persons.
  4. Authorized persons and processes

Answer(s): B

Explanation:

Confidentiality assures that the information is not disclosed to unauthorized persons or processes.


Reference:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 31.






Post your Comments and Discuss ISC SSCP exam with other Community members:

SSCP Exam Discussions & Posts