Operation Security1Word文档下载推荐.docx
- Document ID: 6717015
- Uploaded: 2023-05-07
- Format: DOCX
- Pages: 87
- Size: 67.42KB
A. Controls over hardware.
B. Data media used.
C. Operators using resources.
D. Environmental controls.
Answer: D. The correct answer is: Environmental controls.
While it is important that environmental concerns are addressed, they are part of the Physical Security Domain.
All of the other answers fall directly under Operations Security.
Last modified 8/27/2007 - J. Hajec
Thanks to Crispin Yuen for detecting a typo within this question and reporting it.
Thanks to Lina Au for improving the explanation to this question.
Comment:
References:
AIOv3 Physical Security (pages 370-372)
AIOv3 Operation Security (page 900)
Contributor:
Nick Mackovski
Study area:
CISSP CBK domain #7 - Operations Security
Covered topic:
Operations controls
This question © Copyright 2003–2006 Nick Mackovski, cccure.org. All rights reserved.
2. Question: 1417 | Difficulty:
Which of the following questions is less likely to help in assessing controls over audit trails?
A. Does the audit trail provide a trace of user actions?
B. Are incidents monitored and tracked until resolved?
C. Is access to online logs strictly controlled?
D. Is there separation of duties between security personnel who administer the access control function and those who administer the audit trail?
Access control administrators should not have access to the audit trail, to prevent internal fraud.
Answer: B. Audit trails maintain a record of system activity by system or application processes and by user activity. In conjunction with appropriate tools and procedures, audit trails can provide individual accountability, a means to reconstruct events, detect intrusions, and identify problems. Audit trail controls are considered technical controls. Monitoring and tracking of incidents is more an operational control related to incident response capability.
Source:
SWANSON, Marianne, NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems, November 2001 (pages A-50 to A-51).
Last modified 07/02/2007, Ron Hehemann
Christian Vezina
Audit trails
3. Question: 1493 | Difficulty: 4/5 | Relevancy:
Which of the following is not an Orange Book-defined life cycle assurance requirement?
A. Security testing
B. Design specification and testing
C. Trusted distribution
D. System integrity
Answer: D. The life cycle assurance requirements specified in the Orange Book are: security testing, design specification and testing, configuration management and trusted distribution. System integrity is also defined in the Orange Book but is an operational assurance requirement, not a life cycle assurance requirement.
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 6: Operations Security (page 219).
Also:
U.S. Department of Defense, Trusted Computer System Evaluation Criteria (Orange Book), DOD 5200.28-STD, December 1985.
Study areas:
CISSP CBK domain #6 - Security Architecture and Design, CISSP CBK domain #7 - Operations Security
System assurance
Copyright 2003–2006 Christian Vezina, cccure.org. All rights reserved.
4. Question: 205 | Difficulty: 1/5 | Relevancy:
Which of the following is the most reliable, secure means of removing data from magnetic storage media such as a magnetic tape, or a cassette?
A. Degaussing
B. Parity Bit Manipulation
C. Certification
D. Buffer overflow
Answer: A. Information is stored on a magnetic recording medium (ferric oxides, chromium dioxide, etc.) by magnetizing sections of it from a local field, in most cases the recording process itself, the amplitude and frequency of which vary according to the information it is carrying. This information is distributed along the recording track by the movement of the medium relative to the recording head, be it rotary or linear. It is possible in most equipment to erase it by passing the medium across an erase head, but this normally would take a time equal to the record time. It is speedier and hence more practical to submit the bulk of the medium to a field which can be made to demagnetize it in one short operation. This is achieved by subjecting it in bulk to a series of fields of alternating polarity and gradually decreasing strength. A piece of equipment that does this is a "Degausser" (otherwise known as a Bulk Eraser). Regardless of name, its function is to reduce to near zero the magnetic flux stored in the magnetized medium. Flux density is measured in Gauss or Tesla.
Remember that delete simply removes the file from the TOC or VTOC; it does not remove the file content.
Reference:
What is degaussing.
Data remanence and object reuse protection
Copyright 2003–2006 cccure.org. All rights reserved.
5. Question: 253 | Difficulty: 3/5 | Relevancy:
Which of the following is NOT a media viability control used to protect the viability of data storage media?
A. clearing
B. marking
C. handling
D. storage
Answer: A. Clearing refers to the overwriting of data media intended to be reused in the same organization. Marking, handling and storage are all media viability controls used to protect the viability of data storage media.
Mastering the Ten Domains of Computer Security, pages 231, 348.
Eric Yandell
Sensitive information and media handling
Copyright 2003–2006 Eric Yandell, cccure.org. All rights reserved.
6. Question: 1501 | Difficulty:
According to the Orange Book, which security level is the first to require configuration management?
A. B2
B. B3
C. A1
D. B1
Answer: A. Configuration management is the process of tracking and approving changes to a system. It is only required for B2, B3 and A1 level systems, but because it is common sense, it is recommended for systems that are evaluated at lower levels.
Operations Security (page 223).
CISSP CBK domain #7 - Operations Security, CISSP CBK domain #6 - Security Architecture and Design
Configuration management
7. Question: 1340 | Difficulty:
When it comes to magnetic media sanitization, what difference can be made between clearing and purging information?
A. Clearing completely erases the media whereas purging only removes file headers, allowing the recovery of files.
B. Clearing renders information unrecoverable by a keyboard attack and purging renders information unrecoverable against laboratory attack.
C. They both involve rewriting the media.
D. Clearing renders information unrecoverable against a laboratory attack and purging renders information unrecoverable to a keyboard attack.
Answer: B. The removal of information from a storage medium is called sanitization. Different kinds of sanitization provide different levels of protection. A distinction can be made between clearing information (rendering it unrecoverable by a keyboard attack) and purging (rendering it unrecoverable against laboratory attack). There are three general methods of purging media: overwriting, degaussing, and destruction.
SWANSON, Marianne & GUTTMAN, Barbara, National Institute of Standards and Technology (NIST), NIST Special Publication 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, September 1996 (page 26).
Covered topics (2):
Data remanence and object reuse protection, Sensitive information and media handling
8. Question: 1504 | Difficulty:
Hardware availability reports allow the identification of the following problems except for:
A. Inadequate training for operators
B. Excessive operating systems maintenance
C. User dissatisfaction
D. Inadequate hardware facilities
Answer: C. Hardware availability reports are hardware monitoring procedures that indicate the time periods during which the computer is in operation and available for utilization by users. Downtime periods may indicate inadequate hardware facilities, excessive operating system maintenance, lack of preventative maintenance, inadequate physical plants or inadequate training for operators. User dissatisfaction is rather a consequence of system unavailability.
Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 3: Technical Infrastructure and Operational Practices (page 99).
9. Question: 1498 | Difficulty:
Which trusted facility manag