Tag - SSCP exam

What is the Biba security model concerned with?A .  ConfidentialityB .  ReliabilityC .  AvailabilityD .  IntegrityView AnswerAnswer: D Explanation: The Biba security model addresses the integrity of data being threatened when subjects at lower security levels are able to write to objects at higher security levels and when subjects can read...

This baseline sets certain thresholds for specific errors or mistakes allowed and the amount of these occurrences that can take place before it is considered suspicious?A .  Checkpoint levelB .  Ceiling levelC .  Clipping levelD .  Threshold levelView AnswerAnswer: C Explanation: Organizations usually forgive a particular type, number, or pattern...

Which access control model achieves data integrity through well-formed transactions and separation of duties?A .  Clark-Wilson modelB .  Biba modelC .  Non-interference modelD .  Sutherland modelView AnswerAnswer: A Explanation: The Clark-Wilson model differs from other models that are subject- and object-oriented by introducing a third access element programs resulting in...

Which of the following is a CHARACTERISTIC of a decision support system (DSS) in regards to Threats and Risks Analysis?A .  DSS is aimed at solving highly structured problems.B .  DSS emphasizes flexibility in the decision making approach of users.C .  DSS supports only structured decision-making tasks.D .  DSS combines...

Which of the following are the steps usually followed in the development of documents such as security policy, standards and procedures?A .  design, development, publication, coding, and testing.B .  design, evaluation, approval, publication, and implementation.C .  initiation, evaluation, development, approval, publication, implementation, and maintenance.D .  feasibility, development, approval, implementation, and...

Which of the following best describes the purpose of debugging programs?A .  To generate random data that can be used to test programs before implementing them.B .  To ensure that program coding flaws are detected and corrected.C .  To protect, during the programming phase, valid changes from being overwritten by...

Which security model uses division of operations into different parts and requires different users to perform each part?A .  Bell-LaPadula modelB .  Biba modelC .  Clark-Wilson modelD .  Non-interference modelView AnswerAnswer: C Explanation: The Clark-Wilson model uses separation of duties, which divides an operation into different parts and requires different users...

Related to information security, confidentiality is the opposite of which of the following?A .  closureB .  disclosureC .  disposalD .  disasterView AnswerAnswer: B Explanation: Confidentiality is the opposite of disclosure. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John...

Which of the following is an example of a passive attack?A .  Denying services to legitimate usersB .  Shoulder surfingC .  Brute-force password crackingD .  SmurfingView AnswerAnswer: B Explanation: Shoulder surfing is a form of a passive attack involving stealing passwords, personal identification numbers or other confidential information by looking...

What is RAD?A .  A development methodologyB .  A project management techniqueC .  A measure of system complexityD .  Risk-assessment diagrammingView AnswerAnswer: A Explanation: RAD stands for Rapid Application Development. RAD is a methodology that enables organizations to develop strategically important systems faster while reducing development costs and maintaining quality. RAD...