INT-2690: CISSP Chapter 3 Security Engineering Questions

DES performs how many rounds of permutation and substitution?

16

How many bits make up the effective length of the DES key?

56

Which of the following best describes a digital signature?

A method to let the receiver of the message prove the source and integrity of a message

What is the final step in authorizing a system for use in an environment?

Accreditation

The trusted computing base (TCB) contains which of the following?

All trusted software and hardware components

Which of the following best describes a certificate authority?

An organization that issues certificates

John has been told that one of the applications installed on a web server within the DMZ accepts any length of information that a customer using a web browser inputs into the form the web server provides to collect new customer data. Which of the following describes an issue that John should be aware of pertaining to this type of issue?

Application is written in the C programming language.

The generation of keys that are made up of random values is referred to as Key Derivation Functions (KDFs). What values are not commonly used in this key generation process?

Asymmetric values

If a component fails, a system should be designed to do which of the following?

Change to a more secure state

Which of the following best describes a characteristic of the software that may be causing issues?

Cooperative multitasking

Which of the following describes the difference between the Data Encryption Standard and the Rivest-Shamir-Adleman algorithm?

DES is symmetric, while RSA is asymmetric.

What does DEA stand for?

Data Encryption Algorithm

What does DES stand for?

Data Encryption Standard

Which of the following answers contains a category of controls that does NOT belong in a physical security program?

Delaying and lighting

What type of rating is used within the Common Criteria framework?

EAL

What is an advantage of RSA over DSA?

It can provide digital signature and encryption functionality.

Which of the following is not a property or characteristic of a one-way hash function?

It converts a message of fixed length to an arbitrary length value.

What is the primary purpose of using one-way hashing on user passwords?

It prevents anyone from reading passwords in plaintext.

Which of the following is a true statement pertaining to data encryption when it is used to protect data?

It requires careful key management.

If different keys generate the same ciphertext for the same message, what is this called?

Key clustering

What process usually takes place after creating a DES session key?

Key exchange

What feature enables code to be executed without the usual security checks?

Maintenance hook

Who was involved in developing the first public key algorithm?

Martin Hellman

In secure computing systems, why is there a logical form of separation used between processes?

Processes are contained within their own security domains so each does not make unauthorized accesses to other processes or their resources.

Why has the frequency of successful brute-force attacks increased?

Processor speed and power have increased

Which of the following is based on the fact that it is hard to factor large numbers into two original prime numbers?

RSA

What is the best description of a security kernel from a security point of view?

Reference monitor

Which of the following is a U.S. federal government algorithm developed for creating secure message digests?

Secure Hash Algorithm

What is the imaginary boundary that separates components that maintain security from components that are not security related?

Security perimeter

Which of the following best describes why rebooting helps with system performance in the situation described in this scenario?

Software is not releasing unused memory.

Mark is a security administrator who is responsible for purchasing new computer systems for a co-location facility his company is starting up. The company has several time-sensitive applications that require extensive processing capabilities. The co-location facility is not as large as the main facility, so it can only fit a smaller number of computers, which still must carry the same processing load as the systems in the main building. Which of the following best describes the most important aspects of the products Mark needs to purchase for these purposes?

Systems must provide asymmetric multiprocessing capabilities and virtualized environments.

Which of the following is NOT a main component of CPTED?

Target Hardening

Which of the following is a true statement pertaining to memory addressing?

The CPU uses absolute addresses. Applications use logical addresses. Relative addresses are based on a known address and an offset value.

What would indicate that a message had been modified?

The message digest has been altered.

What is used to create a digital signature?

The sender's private key

What is the definition of an algorithm's work factor?

The time it takes to break the encryption

What is the goal of cryptanalysis?

To determine the strength of an algorithm

Which of the following best describes some of the issues that the evaluation testers most likely ran into while testing the submitted product?

Vulnerabilities that allowed malicious code to execute in protected memory sections

What does positive pressurization pertaining to ventilation mean?

When a door opens, the air goes out.

When should a Class C fire extinguisher be used instead of a Class A fire extinguisher?

When electrical equipment is on fire

Which of the following is an incorrect description pertaining to the common components that make up computer systems? i. General registers are commonly used to hold temporary processing data, while special registers are used to hold process characteristic data such as condition bits. ii. A processor sends a memory address and a "read" request down an address bus and a memory address and "write" request down an I/O bus. iii. Process-to-process communication commonly takes place through memory stacks, which are made up of individually addressed buffer locations. iv. A CPU uses a stack return pointer to keep track of the next instruction sets it needs to process.

ii. A processor sends a memory address and a "read" request down an address bus and a memory address and "write" request down an I/O bus. iv. A CPU uses a stack return pointer to keep track of the next instruction sets it needs to process.

Which of the following best describes Steve's confusion?

Evaluation, certification, and accreditation are carried out by different groups with different purposes.

Which of the following uses a symmetric key and a hashing algorithm?

HMAC

Which of the following best describes the difference between HMAC and CBC-MAC?

HMAC provides integrity and data origin authentication; CBC-MAC uses a block cipher for the process of creating a MAC.

Which problems may be caused by humidity in an area with electrical devices?

High humidity causes corrosion, and low humidity causes static electricity.

Pete is a new security manager at a financial institution that develops its own internal software for specific proprietary functionality. The financial institution has several locations distributed throughout the world and has bought several individual companies over the last ten years, each with its own heterogeneous environment. Since each purchased company had its own unique environment, it has been difficult to develop and deploy internally developed software in an effective manner that meets all the necessary business unit requirements. Which of the following best describes a standard that Pete should ensure the software development team starts to implement so that various business needs can be met?

ISO/IEC 42010

Why would a certificate authority revoke a certificate?

If the user's private key has become compromised

Which of the following best describes an item the software development team needs to address to ensure that drivers cannot be loaded in an unauthorized manner?

Improved security kernel processes