Free CSSLP Exam Braindumps

The NIST Information Security and Privacy Advisory Board (ISPAB) paper "Perspectives on Cloud Computing and Standards" specifies potential advantages and disadvantages of virtualization. Which of the following disadvantages does it include? Each correct answer represents a complete solution. Choose all that apply.

  A. It increases capabilities for fault-tolerant computing using rollback and snapshot features.
  B. It increases intrusion detection through introspection.
  C. It initiates the risk that malicious software is targeting the VM environment.
  D. It increases overall security risk through shared resources.
  E. It creates the possibility that remote attestation may not work.
  F. It involves new protection mechanisms for preventing VM escape, VM detection, and VM-VM interference.
  G. It increases configuration effort because of complexity and composite systems.

Answer(s): C,D,E,F,G

Explanation:

The potential security disadvantages of virtualization listed in the paper are as follows:

  - It increases configuration effort because of complexity and composite systems.
  - It introduces the problem of how to prevent overlap when mapping VM storage onto host files.
  - It introduces the problem of virtualizing the TPM.
  - It creates the possibility that remote attestation may not work.
  - It introduces the problem of detecting VM covert channels.
  - It involves new protection mechanisms for preventing VM escape, VM detection, and VM-VM interference.
  - It introduces the possibility of virtual networking configuration errors.
  - It introduces the risk that malicious software is targeting the VM environment.
  - It increases overall security risk through shared resources, such as networks, clipboards, clocks, printers, desktop management, and folders.

Answers A and B are incorrect. These are advantages, not disadvantages, of virtualization as described in the NIST Information Security and Privacy Advisory Board (ISPAB) paper "Perspectives on Cloud Computing and Standards".



Which of the following are the types of access controls? Each correct answer represents a complete solution. Choose three.

  A. Physical
  B. Technical
  C. Administrative
  D. Automatic

Answer(s): A,B,C

Explanation:

Security guards, locks on gates, and alarms are physical access controls. Policies and procedures implemented by an organization are administrative access controls. Intrusion detection systems (IDSs), encryption, network segmentation, and antivirus software are technical access controls. Answer D is incorrect. There is no type of access control called automatic control.



What are the subordinate tasks of the Initiate and Plan IA C&A phase of the DIACAP process? Each correct answer represents a complete solution. Choose all that apply.

  A. Initiate IA implementation plan.
  B. Develop DIACAP strategy.
  C. Assign IA controls.
  D. Assemble DIACAP team.
  E. Register system with DoD Component IA Program.
  F. Conduct validation activity.

Answer(s): A,B,C,D,E

Explanation:

The Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) is a process defined by the United States Department of Defense (DoD) for managing risk.
The subordinate tasks of the Initiate and Plan IA C&A phase are as follows:

  - Register system with DoD Component IA Program.
  - Assign IA controls.
  - Assemble DIACAP team.
  - Develop DIACAP strategy.
  - Initiate IA implementation plan.

Answer F is incorrect. Validation activities are conducted in the second phase of the DIACAP process, Implement and Validate Assigned IA Controls.



Which of the following attacks causes software to fail and prevents the intended users from accessing software?

  A. Enabling attack
  B. Reconnaissance attack
  C. Sabotage attack
  D. Disclosure attack

Answer(s): C

Explanation:

A sabotage attack is an attack that causes software to fail and prevents the intended users from accessing it. A sabotage attack is also referred to as a denial of service (DoS) or a compromise of availability. Answer B is incorrect. A reconnaissance attack enables an attacker to collect information about the software and its operating environment. Answer D is incorrect. A disclosure attack exposes data to an attacker. Answer A is incorrect. An enabling attack provides an easy path for other attacks.
