Free ISC CISSP Study Guide and Training
QUESTION 31
The following is NOT a security characteristic we need to consider while choosing a biometric identification systems:
A. data acquisition process
B. cost
C. enrollment process
D. speed and user interface
Correct Answer: B Explanation
Explanation/Reference:
Cost is a factor when considering Biometrics but it is not a security characteristic. All the other answers are incorrect because they are security characteristics related to Biometrics.
Data acquisition process can cause a security concern because if the process is not fast and efficient it can discourage individuals from using the process.
Enrollment process can cause a security concern because the enrollment process has to be quick and efficient. This process captures data for authentication.
Speed and user interface can cause a security concern because this also impacts the users acceptance rate of biometrics. If they are not comfortable with the interface and speed they might sabotage the devices or otherwise attempt to circumvent them.
References:
OIG Access Control (Biometrics) (pgs 165-167)
From: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 1, Pages 5-6
** in process of correction **
QUESTION 32
In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on physical attributes of a person. This raised the necessity of answering 2 questions :
A. what was the sex of a person and his age
B. what part of body to be used and how to accomplish identification that is viable
C. what was the age of a person and his income level
D. what was the tone of the voice of a person and his habits
Correct Answer: B Explanation
Explanation/Reference:
Today implementation of fast, accurate reliable and user-acceptable biometric identification systems is already taking place. Unique physical attributes or behavior of a person are used for that purpose. From: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 1, Page 7
QUESTION 33
In biometric identification systems, the parts of the body conveniently available for identification are:
A. neck and mouth
B. hands, face, and eyes
C. feet and hair
D. voice and neck
Correct Answer: B Explanation
Explanation/Reference:
Today implementation of fast, accurate, reliable, and user-acceptable biometric identification systems are already under way. Because most identity authentication takes place when a people are fully clothed (neck to feet and wrists), the parts of the body conveniently available for this purpose are hands, face, and eyes.
From: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 1, Page 7
QUESTION 34
Controlling access to information systems and associated networks is necessary for the preservation of their:
A. Authenticity, confidentiality and availability
B. Confidentiality, integrity, and availability.
C. integrity and availability.
D. authenticity,confidentiality, integrity and availability.
Correct Answer: B Explanation
Explanation/Reference:
Controlling access to information systems and associated networks is necessary for the preservation of their confidentiality, integrity and availability.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 31
QUESTION 35
To control access by a subject (an active entity such as individual or process) to an object (a passive entity such as a file) involves setting up:
A. Access Rules
B. Access Matrix
C. Identification controls
D. Access terminal
Correct Answer: A Explanation
Explanation/Reference:
Controlling access by a subject (an active entity such as individual or process) to an object (a passive entity such as a file) involves setting up access rules.
These rules can be classified into three access control models: Mandatory, Discretionary, and Non-Discretionary.
An access matrix is one of the means used to implement access control.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 33
Answer:
Latest ISC CISSP exam is one of popular Certification.Many candidates won’t have confidence to get latest ISC CISSP. Now We guaranteed latest ISC CISSP Study Guide training is available in various formats to best suit your needs and learning style.Whether you are a hands-on tactile learner,visually or even a textbook training veteran,Flydumps has latest ISC CISSP resources that will enable you to pass your ISC CISSP Study Guide with flying colors.As with Cisco exams,the ISC CISSP exam is structured to stack or plug into other related courses.The combination of ISC CISSP courses builds the complete core knowledge base you need to meet your ISC CISSP certification requirements.
Read More: http://www.microsoft-technet.com/download-new-free-cisco-400-101-dumps.html