This page was exported from Easily Pass By Training Lead2pass Latest Dumps [ https://www.freebraindump.com ]
Export date: Fri Mar 29 10:26:12 2024 / +0000 GMT
With the Lead2pass complete study guide for the ISC CISSP Certification exam you will find questions and answers from previous exams as well as ones that our experts believe will be on the upcoming exams due to upgrades and new releases. This gives you the resources you actually need to pass the exam instead of just studying material without any knowledge of what might be on a test. If you want a career in the IT world, a certification is the only answer to ensure you get your dream job.

QUESTION 1
The type of discretionary access control (DAC) that is based on an individual's identity is also called:
A. Identity-based Access control
B. Rule-based Access control
C. Non-Discretionary Access Control
D. Lattice-based Access control
Answer: A

QUESTION 2
Which access control type has a central authority that determines what objects the subjects have access to, and is based on role or on the organizational security policy?
A. Mandatory Access Control
B. Discretionary Access Control
C. Non-Discretionary Access Control
D. Rule-based Access control
Answer: C

QUESTION 3
Which of the following control pairings include: organizational policies and procedures, pre-employment background checks, strict hiring practices, employment agreements, employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks?
A. Preventive/Administrative Pairing
B. Preventive/Technical Pairing
C. Preventive/Physical Pairing
D. Detective/Administrative Pairing
Answer: A
Explanation:
organizational policies and procedures, pre-employment background checks, strict hiring practices, employment agreements, friendly and unfriendly employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks.

QUESTION 4
External consistency ensures that the data stored in the database is:
A. inconsistent with the real world.
B. remains consistent when sent from one system to another.
C. consistent with the logical world.
D. consistent with the real world.
Answer: D
Explanation:
External consistency ensures that the data stored in the database is consistent with the real world.

QUESTION 5
A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:
A. Mandatory Access Control
B. Discretionary Access Control
C. Non-Discretionary Access Control
D. Rule-based Access control
Answer: C

QUESTION 6
What is the act of a user professing an identity to a system, usually in the form of a log-on ID, called?
A. Authentication
B. Identification
C. Authorization
D. Confidentiality
Answer: B

QUESTION 7
Which one of the following factors is NOT one on which Authentication is based?
A. Type 1 Something you know, such as a PIN or password
B. Type 2 Something you have, such as an ATM card or smart card
C. Type 3 Something you are (based upon one or more intrinsic physical or behavioral traits), such as a fingerprint or retina scan
D. Type 4 Something you are, such as a system administrator or security administrator
Answer: D
Explanation:
Authentication is based on the following three factor types:
Type 1 Something you know, such as a PIN or password
Type 2 Something you have, such as an ATM card or smart card
Type 3 Something you are (Unique physical characteristic), such as a fingerprint or retina scan

QUESTION 8
A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:
A. Mandatory Access Control
B. Discretionary Access Control
C. Non-Discretionary Access Control
D. Rule-based Access control
Answer: C

QUESTION 9
What is the act of a user professing an identity to a system, usually in the form of a log-on ID, called?
A. Authentication
B. Identification
C. Authorization
D. Confidentiality
Answer: B

QUESTION 10
What is the verification that the user's claimed identity is valid, usually implemented through a user password at log-on time, called?
A. Authentication
B. Identification
C. Integrity
D. Confidentiality
Answer: A
Explanation:
Authentication is verification that the user's claimed identity is valid and is usually implemented through a user password at log-on time.

QUESTION 11
Which one of the following factors is NOT one on which Authentication is based?
A. Type 1 Something you know, such as a PIN or password
B. Type 2 Something you have, such as an ATM card or smart card
C. Type 3 Something you are (based upon one or more intrinsic physical or behavioral traits), such as a fingerprint or retina scan
D. Type 4 Something you are, such as a system administrator or security administrator
Answer: D
Explanation:
Authentication is based on the following three factor types:
Type 1. Something you know, such as a PIN or password
Type 2. Something you have, such as an ATM card or smart card
Type 3. Something you are (Unique physical characteristic), such as a fingerprint or retina scan

QUESTION 12
The act of requiring two of the three factors to be used in the authentication process refers to:
A. Two-Factor Authentication
B. One-Factor Authentication
C. Bi-Factor Authentication
D. Double Authentication
Answer: A
Explanation:
Two-Factor Authentication refers to the act of requiring two of the three factors to be used in the authentication process.

QUESTION 13
Which type of password provides maximum security because a new password is required for each new log-on?
A. One-time or dynamic password
B. Cognitive password
C. Static password
D. Passphrase
Answer: A
Explanation:
"One-time password" provides maximum security because a new password is required for each new log-on.

QUESTION 14
What is a password that is the same for each log-on session called?
A. "one-time password"
B. "two-time password"
C. static password
D. dynamic password
Answer: C

QUESTION 15
What is a sequence of characters that is usually longer than the allotted number for a password called?
A. passphrase
B. cognitive phrase
C. anticipated phrase
D. Real phrase
Answer: A
Explanation:
A passphrase is a sequence of characters that is usually longer than the allotted number for a password.

QUESTION 16
Which best describes a tool (i.e. keyfob, calculator, memory card or smart card) used to supply dynamic passwords?
A. Tickets
B. Tokens
C. Token passing networks
D. Coupons
Answer: B
Explanation:
Tokens: tokens in the form of credit card-size memory cards or smart cards, or those resembling small calculators, are used to supply static and dynamic passwords.

QUESTION 17
Which of the following would be true about Static password tokens?
A. The owner identity is authenticated by the token
B. The owner will never be authenticated by the token.
C. The owner will authenticate himself to the system.
D. The token does not authenticate the token owner but the system.
Answer: A

QUESTION 18
In Synchronous dynamic password tokens:
A. The token generates a new password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).
B. The token generates a new non-unique password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).
C. The unique password is not entered into a system or workstation along with an owner's PIN.
D. The authentication entity in a system or workstation knows an owner's secret key and PIN, and the entity verifies that the entered password is invalid and that it was entered during the invalid time window.
Answer: B
Explanation:
Synchronous dynamic password tokens:
The token generates a new password value at fixed time intervals (this password could be the time of day encrypted with a secret key).
The unique password is entered into a system or workstation along with an owner's PIN. The authentication entity in a system or workstation knows an owner's secret key and PIN, and the entity verifies that the entered password is valid and that it was entered during the valid time window.

Whether you are an IT professional or even a newbie, using Lead2pass ISC CISSP exam questions is the best way to get the certification in a minimum possible time. Preparing for ISC CISSP exams is a daunting task and equally rewarding. But for a person busy with day jobs, it is really a tough task to accomplish. Lead2pass ISC CISSP training material uses latest exam questions to get your targets achieved in a hassle free way.
Post date: 2015-01-26 07:43:53
Post date GMT: 2015-01-26 07:43:53
Post modified date: 2015-01-26 07:43:53
Post modified date GMT: 2015-01-26 07:43:53