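CISSP Full-Length Mock Exam, CISSP Certification-Related Questions
BONUS!!! Download part of the Tech4Exam CISSP dumps for free: https://drive.google.com/open?id=1mJZ91NY51CuJRJK7BQTPDJTQKZLYZ4bM
The question sets Tech4Exam has developed for the ISC CISSP certification exam are very popular because they give you not only knowledge but also the experience of many who have taken the exam before you. Good preparation and confidence are essential for the exam. We believe the targeted practice questions Tech4Exam provides make it a good site for you.
Tech4Exam has always worked hard to offer CISSP candidates the best and most convenient service. High efficiency is an unavoidable topic these days, so speed and efficiency are our goals. Tech4Exam designs efficient training materials so that CISSP candidates can grasp the material quickly and achieve high scores. You can use the time and energy you save to earn more money.
CISSP Certification-Related Questions & CISSP Exam Preparation
In recent years, our ISC CISSP test torrent has been well received and has reached a 99% pass rate. As a powerful tool for many workers pursuing further self-improvement, our Certified Information Systems Security Professional (CISSP) training continues to pursue high performance and a passion for human-centred technology. Much research has been done to find ways for different kinds of candidates to obtain the CISSP certification. Tech4Exam revises and updates the Certified Information Systems Security Professional (CISSP) guide torrent according to changes in the syllabus and the latest developments in theory and practice.
The CISSP certification exam is a comprehensive exam covering eight domains of information security. These domains include Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security. The exam consists of 250 multiple-choice questions and is designed to test candidates' knowledge, skills and abilities in each of these domains. Passing the CISSP certification exam requires a score of at least 700 out of 1000 points and a minimum of five years of professional experience in the information security field.
ISC Certified Information Systems Security Professional (CISSP) Certification CISSP Exam Questions (Q624-Q629):
Question # 624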
Which of the following is NOT a known type of Message Authentication Code (MAC)?
- A. DES-CBC
- B. Universal Hashing Based MAC (UMAC)
- C. Keyed-hash message authentication code (HMAC)
- D. Signature-based MAC (SMAC)
Correct answer: D
Explanation:
There is no such thing as a Signature-Based MAC. Being the wrong choice in the list, it is the best answer to this question.
WHAT IS A Message Authentication Code (MAC)?
In cryptography, a MAC (Message Authentication Code), also known as a cryptographic checksum, is a small block of data that is generated using a secret key and then appended to the message. When the message is received, the recipient can generate their own MAC using the secret key, and thereby know that the message has not changed either accidentally or intentionally in transit. Of course, this assurance is only as strong as the trust that the two parties have that no one else has access to the secret key.
A MAC is a small representation of a message and has the following characteristics:
- A MAC is much smaller than the message generating it.
- Given a MAC, it is impractical to compute the message that generated it.
- Given a MAC and the message that generated it, it is impractical to find another message generating the same MAC.
[Figure from Wikipedia: creation of a MAC value]
In the example above, the sender of a message runs it through a MAC algorithm to produce a MAC data tag. The message and the MAC tag are then sent to the receiver. The receiver in turn runs the message portion of the transmission through the same MAC algorithm using the same key, producing a second MAC data tag. The receiver then compares the first MAC tag received in the transmission to the second generated MAC tag.
If they are identical, the receiver can safely assume that the integrity of the message was not compromised, and the message was not altered or tampered with during transmission.
However, to allow the receiver to be able to detect replay attacks, the message itself must contain data that assures that this same message can only be sent once (e.g. time stamp, sequence number or use of a one-time MAC). Otherwise an attacker could - without even understanding its content - record this message and play it back at a later time, producing the same result as the original sender.
NOTE: There are many ways of producing a MAC value. Below is a short list of some implementations.
The following were incorrect answers for this question:
They were all incorrect answers because they are all real types of MAC implementation.
In the case of DES-CBC, a MAC is generated using the DES algorithm in CBC mode, and the secret DES key is shared by the sender and the receiver. The MAC is actually just the last block of ciphertext generated by the algorithm. This block of data (64 bits) is attached to the unencrypted message and transmitted to the far end. All previous blocks of encrypted data are discarded to prevent any attack on the MAC itself. The receiver can just generate his own MAC using the secret DES key he shares to ensure message integrity and authentication. He knows that the message has not changed because the chaining function of CBC would significantly alter the last block of data if any bit had changed anywhere in the message. He knows the source of the message (authentication) because only one other person holds the secret key.
A Keyed-hash message authentication code (HMAC) is a specific construction for calculating a message authentication code (MAC) involving a cryptographic hash function in combination with a secret cryptographic key. As with any MAC, it may be used to simultaneously verify both the data integrity and the authentication of a message. Any cryptographic hash function, such as MD5 or SHA-1, may be used in the calculation of an HMAC; the resulting MAC algorithm is termed HMAC-MD5 or HMAC-SHA1 accordingly.
The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function, the size of its hash output, and on the size and quality of the key.
A message authentication code based on universal hashing, or UMAC, is a type of message authentication code (MAC) calculated choosing a hash function from a class of hash functions according to some secret (random) process and applying it to the message.
The resulting digest or fingerprint is then encrypted to hide the identity of the hash function used. As with any MAC, it may be used to simultaneously verify both the data integrity and the authenticity of a message. UMAC is specified in RFC 4418; it has provable cryptographic strength and is usually a lot less computationally intensive than other MACs.
What is the MicMac (confusion) with MIC and MAC?
The term message integrity code (MIC) is frequently substituted for the term MAC, especially in communications, where the acronym MAC traditionally stands for Media Access Control when referring to Networking. However, some authors use MIC as a distinctly different term from a MAC; in their usage of the term the MIC operation does not use secret keys. This lack of security means that any MIC intended for use gauging message integrity should be encrypted or otherwise be protected against tampering. MIC algorithms are created such that a given message will always produce the same MIC assuming the same algorithm is used to generate both. Conversely, MAC algorithms are designed to produce matching MACs only if the same message, secret key and initialization vector are input to the same algorithm. MICs do not use secret keys and, when taken on their own, are therefore a much less reliable gauge of message integrity than MACs. Because MACs use secret keys, they do not necessarily need to be encrypted to provide the same level of assurance.
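The receiver-side verification and replay check described above, together with the keyed (MAC) versus unkeyed (MIC) distinction, as an added example that is not part of the original page or its cited sources. It assumes HMAC-SHA256 and an 8-byte sequence-number prefix; the names `make_frame`, `Receiver` and `mic_ok`, the key and the messages are constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def make_frame(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender: 8-byte sequence number + payload, then HMAC-SHA256 over both."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

def mic_ok(message: bytes, digest: bytes) -> bool:
    """Unkeyed check (a MIC in the text's sense): plain SHA-256 comparison."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, frame: bytes) -> str:
        if len(frame) < 8 + TAG_LEN:
            return "rejected: too short"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; check the MAC before trusting any field.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad MAC"
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted"

def demo() -> list:
    key = b"constructed-demo-key"                      # constructed sample key
    rx = Receiver(key)
    frame = make_frame(key, 1, b"pay 100 to alice")    # constructed message
    altered = frame[:8] + b"pay 900 to alice" + frame[-TAG_LEN:]
    forged = make_frame(b"attacker-guess", 2, b"pay 900 to alice")
    new_msg = b"pay 900 to alice"
    return [
        rx.accept(frame),    # first delivery
        rx.accept(frame),    # same bytes again: valid MAC, stale sequence
        rx.accept(altered),  # payload changed, old tag kept
        rx.accept(forged),   # tag computed without the shared key
        mic_ok(new_msg, hashlib.sha256(new_msg).digest()),  # MIC: no key needed
    ]

if __name__ == "__main__":
    print(demo())
```

The second result shows why the MAC alone does not stop replay: the tag on a recorded frame is still valid, and only the sequence number lets the receiver reject it.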
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 15799-15815). Auerbach Publications. Kindle Edition.
and
http://en.wikipedia.org/wiki/Message_authentication_code
and
http://tools.ietf.org/html/rfc4418
Question # 625
Which of the following is an advantage of Secure Shell?
- A. It uses the International Data Encryption Algorithm (IDEA) for data privacy
- B. It uses challenge-response to authenticate each party
- C. It operates at the network layer
- D. It encrypts transmitted User ID and Passwords
Correct answer: D
Question # 626
What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization's systems cannot be unavailable for more than 24 hours?
- A. Hot site
- B. Warm site
- C. Cold site
- D. Mirror site
Correct answer: B
Question # 627
Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?
- A. The Clark Wilson integrity model
- B. The Bell-LaPadula integrity model
- C. The Take-Grant model
- D. The Biba integrity model
Correct answer: A
Explanation:
The Clark-Wilson model was developed to address security issues in commercial environments. The model uses two categories of mechanisms to realize integrity: well-formed transactions and separation of duty. It defines a constrained data item, an integrity verification and a transformation of that object. A possible way to represent a constraint that only certain trusted programs can modify objects is using an application:checksum condition, where the checksum ensures authenticity of the application. Another way is using an application:endorser condition, which indicates that a valid certificate, stating that the application has been endorsed by the specified endorser, must be presented. Static separation of duty is enforced by the security administrator when assigning group membership. Dynamic separation of duty enforces control over how permissions are used at access time.
Question # 628
Which of the following types of lock uses a numeric keypad or dial to gain entry?
- A. Electronic door lock
- B. Cipher lock
- C. Biometric door lock
- D. Bolting door locks
Correct answer: B
Explanation:
The combination door lock or cipher lock uses a numeric key pad, push button, or dial to gain entry. It is often seen at airport gate entry doors and smaller server rooms. The combination should be changed at regular intervals or whenever an employee with access is transferred, fired or subject to disciplinary action. This reduces the risk of the combination being known by unauthorized people.
A cipher lock is controlled by a mechanical key pad, typically with 5 to 10 digits; when these are pushed in the right combination, the lock releases and allows entry. The drawback is that someone looking over a shoulder can see the combination. However, an electric version of the cipher lock is in production in which a display screen automatically moves the numbers around, so someone trying to watch the movement on the screen will not be able to identify the number indicated unless they are standing directly behind the victim.
Remember that locking devices are only as good as the wall or door that they are mounted in; if the frame of the door or the door itself can be easily destroyed, then the lock will not be effective. A lock will eventually be defeated, and its primary purpose is to delay the attacker.
For your exam you should know the following types of lock:
Bolting door lock - These locks require the traditional metal key to gain entry. The key should be stamped "do not duplicate" and should be stored and issued under strict management control.
Biometric door lock - An individual's unique physical attribute, such as voice, retina, fingerprint, hand geometry or signature, activates these locks. This system is used in instances when sensitive facilities must be protected, such as in the military.
Electronic door lock - This system uses a magnetic or embedded chip based plastic card key or token entered into a sensor reader to gain access. A special code internally stored in the card or token is read by the sensor device, which then activates the door locking mechanism.
The following were incorrect answers:
Bolting door lock - These locks require the traditional metal key to gain entry. The key should be stamped "do not duplicate" and should be stored and issued under strict management control.
Biometric door lock - An individual's unique body features, such as voice, retina, fingerprint, hand geometry or signature, activate these locks. This system is used in instances when extremely sensitive facilities must be protected, such as in the military.
Electronic door lock - This system uses a magnetic or embedded chip based plastic card key or token entered into a sensor reader to gain access. A special code internally stored in the card or token is read by the sensor device, which then activates the door locking mechanism.
Following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 376
and
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 25144-25150). Auerbach Publications. Kindle Edition.
Question # 629
......
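Customers who have used the CISSP reference materials have rated them highly. The CISSP reference materials are a very good choice for many people. Our experts explain the difficult points of the CISSP reference materials with examples, which makes them easy to understand and remember. Our CISSP reference materials are an accumulation of specialist knowledge grounded in practice. If you choose our products for the CISSP exam, you will not regret it.
CISSP Certification-Related Questions: https://www.tech4exam.com/CISSP-pass-shiken.html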
