
NEW QUESTION # 292
A network-based vulnerability assessment is a type of test also referred to as:
- A. A host-based vulnerability assessment.
- B. A passive vulnerability assessment.
- C. A routing vulnerability assessment.
- D. An active vulnerability assessment.
Answer: D
Explanation:
Section: Access Control
Explanation/Reference:
A network-based vulnerability assessment tool either re-enacts system attacks, noting and recording the responses, or probes different targets to infer weaknesses from their responses.
Because the assessment actively attacks or scans the targeted systems, network-based vulnerability assessment systems are also called active vulnerability assessment systems.
There are two main types of test:
PASSIVE: you do not send any packet to, or otherwise interact with, the remote target. You use public databases and other techniques to gather information about your target.
ACTIVE: you do send packets to your target, attempting to stimulate responses that tell you which hosts are alive, which services are running, the state of their ports, and more.
See examples below of both types of attacks:
Eavesdropping and sniffing data as it passes over a network are considered passive attacks because the attacker is not affecting the protocol, algorithm, key, message, or any parts of the encryption system. Passive attacks are hard to detect, so in most cases methods are put in place to try to prevent them rather than to detect and stop them.
Altering messages , modifying system files, and masquerading as another individual are acts that are considered active attacks because the attacker is actually doing something instead of sitting back and gathering data. Passive attacks are usually used to gain information prior to carrying out an active attack.
IMPORTANT NOTE:
Commercial vendors will sometimes use different names for different types of scans. However, the exam is product agnostic: it uses general terms, not vendor terms. Experience can trick you into selecting the wrong choice. See the feedback from Jason below:
"I am a system security analyst. It is my daily duty to perform system vulnerability analysis. We use Nessus and Retina (among other tools) to perform our network-based vulnerability scanning. Both commercially available tools refer to a network-based vulnerability scan as a "credentialed" scan. Without credentials, the scan tool cannot log in to the system being scanned, and as such will only perform a port scan to see what ports are open and exploitable."
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 865). McGraw-Hill. Kindle Edition.
and
DUPUIS, Clement, Access Control Systems and Methodology CISSP Open Study Guide, version 1.0, March 2002 (page 97).
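To make the active/passive distinction concrete, here is an added example (not from the exam page or its references) of an active test: a minimal TCP connect scan. It sends packets to the target and infers port state from the answer, which is exactly what a passive assessment never does. The target is constructed inside the script so it runs offline: one loopback socket that is listening (an open port) and one that is bound but never put into listen state (a closed port, which answers with RST). A probe that gets no answer at all is classified "filtered", the usual inference when a firewall silently drops the packet.

```python
import socket


def _open_listener():
    """Constructed target: a TCP socket listening on an ephemeral loopback port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    return srv


def _reserved_closed_port():
    """Constructed target: a socket bound but never listen()ed on.
    The kernel refuses connections to it, which is how a closed port
    answers an active probe."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    return s


def probe_port(host, port, timeout=1.0):
    """Active probe: start a TCP handshake and classify the response.
    'open'     -> handshake completed (a service is listening)
    'closed'   -> RST received (ECONNREFUSED)
    'filtered' -> nothing came back before the timeout (likely dropped by a firewall)"""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"
        except ConnectionRefusedError:
            return "closed"
        except (socket.timeout, OSError):
            return "filtered"


def scan(host, ports):
    """Probe each port in turn; returns {port: state}."""
    return {port: probe_port(host, port) for port in ports}


def demo():
    """Run the scan against the two constructed loopback targets.
    Returns (results, open_port, closed_port)."""
    listener = _open_listener()
    closed = _reserved_closed_port()
    try:
        open_port = listener.getsockname()[1]
        closed_port = closed.getsockname()[1]
        return scan("127.0.0.1", [open_port, closed_port]), open_port, closed_port
    finally:
        listener.close()
        closed.close()


if __name__ == "__main__":
    results, _, _ = demo()
    for port, state in sorted(results.items()):
        print(f"127.0.0.1:{port} {state}")
```

A real assessment tool layers service fingerprinting and vulnerability checks on top of this basic probe, but the point of the example is the mechanism: every result here was obtained by sending traffic to the target, so the target's IDS or firewall logs can record the scan. That visibility is the trade-off of an active assessment.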
NEW QUESTION # 293
Virus scanning and content inspection of S/MIME-encrypted e-mail without doing any further processing is:
- A. Only possible with key recovery scheme of all user keys
- B. Not possible
- C. It is possible only if X509 Version 3 certificates are used
- D. It is possible only by "brute force" decryption
Answer: B
Explanation:
Content security measures presume that the content is available in cleartext on the central mail server.
Encrypted e-mail has to be decrypted before it can be filtered (e.g. to detect viruses), so the decryption key is needed on the central "crypto mail server".
There are several ways to arrange such key management, e.g. message recovery or key recovery methods.
However, each of them requires further processing, so inspection "without any further processing" is not possible.
NEW QUESTION # 294
Which of the following is used by RADIUS for communication between clients and servers?
- A. SSH
- B. UDP
- C. TCP
- D. SSL
Answer: B
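As an added illustration (not part of the exam page), the following builds a RADIUS Access-Request as the single UDP datagram RFC 2865 defines: a 20-byte header (Code, Identifier, Length, Request Authenticator) followed by type-length-value attributes, with the User-Password attribute hidden using the MD5-and-XOR scheme of RFC 2865 section 5.2. The shared secret, user name, password and NAS address are made-up sample values. The 1-byte Identifier and attribute-type fields are the ones Diameter later widened to 32 bits, and the password hiding is keyed obfuscation rather than authenticated encryption, which is why RADIUS is normally carried inside IPsec or RADIUS/TLS rather than trusted on its own over UDP.

```python
import hashlib
import os
import struct

ACCESS_REQUEST = 1          # RADIUS Code values, RFC 2865 section 3
ATTR_USER_NAME = 1          # attribute types, RFC 2865 section 5
ATTR_USER_PASSWORD = 2
ATTR_NAS_IP_ADDRESS = 4
MAX_PACKET = 4096           # RFC 2865: datagrams longer than this are silently discarded


def hide_password(password, secret, authenticator):
    """RFC 2865 section 5.2: pad to a multiple of 16, then XOR each 16-byte block
    with MD5(secret + previous_block); the first 'previous block' is the Request
    Authenticator. Anyone holding the shared secret can reverse it."""
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1..128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        b = hashlib.md5(secret + prev).digest()
        c = bytes(x ^ y for x, y in zip(padded[i:i + 16], b))
        out, prev = out + c, c
    return out


def unhide_password(hidden, secret, authenticator):
    """Inverse of hide_password; trailing NUL padding is stripped as the RFC directs."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        b = hashlib.md5(secret + prev).digest()
        c = hidden[i:i + 16]
        out, prev = out + bytes(x ^ y for x, y in zip(c, b)), c
    return out.rstrip(b"\x00")


def attribute(attr_type, value):
    """Attribute = Type (1 byte), Length (1 byte, includes these two), Value."""
    if len(value) > 253:
        raise ValueError("RADIUS attribute value is limited to 253 bytes")
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_access_request(identifier, secret, username, password, nas_ip, authenticator=None):
    """Header = Code(1) Identifier(1) Length(2) Authenticator(16), then attributes.
    The result is the payload of one UDP datagram to port 1812."""
    ra = authenticator if authenticator is not None else os.urandom(16)
    attrs = (attribute(ATTR_USER_NAME, username.encode())
             + attribute(ATTR_USER_PASSWORD, hide_password(password.encode(), secret, ra))
             + attribute(ATTR_NAS_IP_ADDRESS, bytes(int(o) for o in nas_ip.split("."))))
    length = 20 + len(attrs)
    if length > MAX_PACKET:
        raise ValueError("packet exceeds RADIUS maximum length")
    return struct.pack("!BBH", ACCESS_REQUEST, identifier, length) + ra + attrs


def parse(packet, secret):
    """Parse a datagram into (code, identifier, {type: value}); recovers User-Password."""
    if len(packet) < 20:
        raise ValueError("datagram shorter than the RADIUS header")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        raise ValueError("Length field does not match datagram size")
    ra, attrs, pos = packet[4:20], {}, 20
    while pos < length:
        t, l = packet[pos], packet[pos + 1]
        if l < 2 or pos + l > length:
            raise ValueError("malformed attribute")
        attrs[t] = packet[pos + 2:pos + l]
        pos += l
    if ATTR_USER_PASSWORD in attrs:
        attrs[ATTR_USER_PASSWORD] = unhide_password(attrs[ATTR_USER_PASSWORD], secret, ra)
    return code, identifier, attrs


if __name__ == "__main__":
    # Sample values are constructed for the demo, not real credentials.
    secret = b"s3cr3t"
    pkt = build_access_request(7, secret, "alice", "hunter2", "192.0.2.10")
    print(pkt.hex())
    print(parse(pkt, secret))
```

The Identifier is a single byte, so a client can have at most 256 requests outstanding per server before it must reuse values; the Length check in parse is the first thing a RADIUS server does with an incoming datagram, because UDP gives it no other framing.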
NEW QUESTION # 295
Secure Sockets Layer (SSL) is very heavily used for protecting which of the following?
- A. Electronic Payment transactions.
- B. EDI transactions.
- C. Web transactions.
- D. Telnet transactions.
Answer: C
Explanation:
Section: Network and Telecommunications
Explanation/Reference:
SSL was developed by Netscape Communications Corporation to improve the security and privacy of HTTP transactions.
SSL is one of the most common protocols used to protect Internet traffic.
It encrypts the messages using symmetric algorithms, such as IDEA, DES, 3DES, and the Fortezza cipher suites, and also calculates a MAC for the message using MD5 or SHA-1. The MAC is appended to the message and encrypted along with the message data.
The exchange of the symmetric keys is accomplished through various versions of Diffie-Hellman or RSA.
TLS is the Internet standard based on SSLv3. TLSv1 is backward compatible with SSLv3. It uses the same algorithms as SSLv3; however, it computes an HMAC instead of a MAC, along with other enhancements to improve security. All SSL versions and TLS 1.0/1.1 have since been deprecated (RFC 7568 and RFC 8996), so current deployments should negotiate TLS 1.2 or 1.3.
The following are incorrect answers:
"EDI transactions" is incorrect. Electronic Data Interchange (EDI) is not the best answer to this question though SSL could play a part in some EDI transactions.
"Telnet transactions" is incorrect. Telnet is a character mode protocol and is more likely to be secured by Secure Telnet or replaced by the Secure Shell (SSH) protocols.
"Electronic payment transactions" is incorrect. Electronic payment is not the best answer to this question though SSL could play a part in some electronic payment transactions.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 16615-16619). Auerbach Publications. Kindle Edition.
and
http://en.wikipedia.org/wiki/Transport_Layer_Security
NEW QUESTION # 296
Which of the following items is NOT a benefit of cold sites?
- A. Quick Recovery
- B. Low Cost
- C. A secondary location is available to reconstruct the environment
- D. No resource contention with other organisation
Answer: A
Explanation:
Section: Risk, Response and Recovery
Explanation/Reference:
A cold site is a permanent location that provides you with your own space that you can move into in case of a disaster or catastrophe. It is one of the cheapest solutions available as a rental place, but it is also the one that takes the most time to recover. A cold site usually takes one to two weeks for recovery.
Although major disruptions with long-term effects may be rare, they should be accounted for in the contingency plan. The plan should include a strategy to recover and perform system operations at an alternate facility for an extended period. In general, three types of alternate sites are available:
Dedicated site owned or operated by the organization. Also called redundant or alternate sites; Reciprocal agreement or memorandum of agreement with an internal or external entity; and Commercially leased facility.
Regardless of the type of alternate site chosen, the facility must be able to support system operations as defined in the contingency plan. The three alternate site types commonly categorized in terms of their operational readiness are cold sites, warm sites, or hot sites. Other variations or combinations of these can be found, but generally all variations retain similar core features found in one of these three site types.
Progressing from basic to advanced, the sites are described below:
Cold Sites are typically facilities with adequate space and infrastructure (electric power, telecommunications connections, and environmental controls) to support information system recovery activities.
Warm Sites are partially equipped office spaces that contain some or all of the system hardware, software, telecommunications, and power sources.
Hot Sites are facilities appropriately sized to support system requirements and configured with the necessary system hardware, supporting infrastructure, and support personnel.
As discussed above, these three alternate site types are the most common. There are also variations, and hybrid mixtures of features from any one of the three. Each organization should evaluate its core requirements in order to establish the most effective solution.
Two examples of variations to the site types are:
Mobile Sites are self-contained, transportable shells custom-fitted with specific telecommunications and system equipment necessary to meet system requirements.
Mirrored Sites are fully redundant facilities with automated real-time information mirroring. Mirrored sites are identical to the primary site in all technical respects.
There are obvious cost and ready-time differences among the options. In these examples, the mirrored site is the most expensive choice, but it ensures virtually 100 percent availability. Cold sites are the least expensive to maintain, although they may require substantial time to acquire and install necessary equipment. Partially equipped sites, such as warm sites, fall in the middle of the spectrum. In many cases, mobile sites may be delivered to the desired location within 24 hours, but the time necessary for equipment installation and setup can increase this response time. The selection of fixed-site locations should account for the time and mode of transportation necessary to move personnel and/or equipment there. In addition, the fixed site should be in a geographic area that is unlikely to be negatively affected by the same hazard as the organization's primary site.
The following reference(s) were used for this question:
http://csrc.nist.gov/publications/nistpubs/800-34-rev1/sp800-34-rev1_errata-Nov11-2010.pdf
NEW QUESTION # 297
Which of the following does NOT concern itself with key management?
- A. Internet Security Association Key Management Protocol (ISAKMP)
- B. Cryptology (CRYPTO)
- C. Diffie-Hellman (DH)
- D. Key Exchange Algorithm (KEA)
Answer: B
Explanation:
Cryptology is the science that includes both cryptography and cryptanalysis and is not directly concerned with key management. Cryptology is the mathematics, such as number theory, and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.
The following are all concerned with Key Management which makes them the wrong choices:
Internet Security Association Key Management Protocol (ISAKMP) is a key management protocol used by IPSec. ISAKMP (Internet Security Association and Key Management Protocol) is a protocol defined by RFC 2408 for establishing Security Associations (SA) and cryptographic keys in an Internet environment. ISAKMP only provides a framework for authentication and key exchange. The actual key exchange is done by the Oakley Key Determination Protocol which is a key-agreement protocol that allows authenticated parties to exchange keying material across an insecure connection using the Diffie-Hellman key exchange algorithm.
Diffie-Hellman and one variation of the Diffie-Hellman algorithm called the Key Exchange Algorithm (KEA) are also key exchange protocols. Key exchange (also known as "key establishment") is any method in cryptography by which cryptographic keys are exchanged between users, allowing use of a cryptographic algorithm. Diffie-Hellman key exchange (D-H) is a specific method of exchanging keys. It is one of the earliest practical examples of key exchange implemented within the field of cryptography. The Diffie-Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher.
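Added example (not from the page or the cited references) of the Diffie-Hellman exchange described above, with both parties' messages and the range check a receiver should apply to the peer's public value before using it. The parameters p = 2^127 - 1 and g = 2 are toy values assumed here so the script runs instantly; real deployments use standardized groups of at least 2048 bits (RFC 7919) or elliptic-curve DH, and IKE (ISAKMP with Oakley) performs this same exchange inside its key-establishment phase.

```python
import hashlib
import secrets

# Toy parameters, assumed for illustration only: p = 2**127 - 1 is prime, g = 2.
P = 2**127 - 1
G = 2


class Party:
    """One side of the exchange. Only `public` ever leaves this object."""

    def __init__(self, name, p=P, g=G, private=None):
        self.name, self.p, self.g = name, p, g
        # private exponent x in [2, p-2]; a caller-supplied value is for tests only
        self.private = private if private is not None else secrets.randbelow(p - 3) + 2
        self.public = pow(g, self.private, p)   # g^x mod p, sent over the insecure channel


def validate_peer_value(y, p):
    """Reject degenerate public values. 0, 1 and p-1 force the shared secret into
    a tiny set regardless of our private exponent; out-of-range values are garbage."""
    if not 2 <= y <= p - 2:
        raise ValueError("invalid Diffie-Hellman public value")
    return y


def derive_shared(party, peer_public):
    """Shared secret = (peer's g^y)^x mod p = g^(xy) mod p."""
    y = validate_peer_value(peer_public, party.p)
    return pow(y, party.private, party.p)


def session_key(shared, p):
    """Never use the raw shared secret as a key: hash a fixed-width encoding of it.
    (A production system would use HKDF with a transcript-bound context.)"""
    width = (p.bit_length() + 7) // 8
    return hashlib.sha256(shared.to_bytes(width, "big")).digest()


def run_exchange(p=P, g=G):
    """Full exchange between two fresh parties; returns both sides' session keys."""
    alice, bob = Party("Alice", p, g), Party("Bob", p, g)
    # Message 1: Alice -> Bob : alice.public
    # Message 2: Bob -> Alice : bob.public
    k_alice = session_key(derive_shared(alice, bob.public), p)
    k_bob = session_key(derive_shared(bob, alice.public), p)
    return k_alice, k_bob


if __name__ == "__main__":
    ka, kb = run_exchange()
    print("keys match:", ka == kb)
    print("session key:", ka.hex())
```

An eavesdropper sees only g^x and g^y; recovering g^(xy) from them is the computational Diffie-Hellman problem, which is what the choice of group size protects. What the exchange does not give you is authentication: without signatures or a pre-shared key on top (the job ISAKMP/IKE adds), an active attacker can run two separate exchanges and sit in the middle.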
NEW QUESTION # 298
The computations involved in selecting keys and in enciphering data are complex, and are not practical for manual use.
However, using mathematical properties of modular arithmetic and a method known as
"_________________," RSA is quite feasible for computer use.
- A. computing in Galois fields
- B. computing in Gallipoli fields
- C. computing in Gladden fields
- D. computing in Galbraith fields
Answer: A
Explanation:
The computations involved in selecting keys and in enciphering data are complex, and are not practical for manual use. However, using mathematical properties of modular arithmetic and a method known as computing in Galois fields, RSA is quite feasible for computer use.
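Added worked example (not from the page): textbook RSA key selection, encryption and decryption carried out in the modular arithmetic the question refers to, using the small primes p = 61, q = 53 so every intermediate value is visible. One caveat a practitioner should keep in mind: the arithmetic is in the integers modulo n = pq, and because n is composite that structure is a ring rather than a field, so "Galois field" is the exam's phrasing, not a precise description. Square-and-multiply is written out by hand to show why exponentiation with a large exponent is feasible on a computer; there is no padding here, so this is an illustration of the arithmetic, not a usable encryption scheme (real use means OAEP padding, 2048-bit or larger primes, and a vetted library).

```python
from math import gcd


def mod_pow(base, exp, mod):
    """Square-and-multiply. Reducing mod n after every step keeps every
    intermediate below n**2, so a 2048-bit exponent costs ~2048 squarings
    instead of an astronomically large integer."""
    result, base = 1, base % mod
    while exp > 0:
        if exp & 1:
            result = (result * base) % mod
        base = (base * base) % mod
        exp >>= 1
    return result


def generate_keypair(p, q, e=65537):
    """Textbook RSA key selection from caller-supplied primes p and q.
    Returns ((n, e), (n, d)) with e*d = 1 mod phi(n)."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with phi(n)")
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(pub, m):
    """c = m^e mod n. No padding: raw RSA is deterministic and malleable."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return mod_pow(m, e, n)


def decrypt(priv, c):
    """m = c^d mod n."""
    n, d = priv
    return mod_pow(c, d, n)


if __name__ == "__main__":
    pub, priv = generate_keypair(61, 53, e=17)    # n = 3233, d = 2753
    c = encrypt(pub, 65)
    print("public", pub, "private", priv)
    print("ciphertext", c, "plaintext", decrypt(priv, c))
```

With p = 61, q = 53 and e = 17 the private exponent is d = 2753, 65 encrypts to 2790, and 2790 decrypts back to 65. Note that the same factoring that made d easy to compute here (phi is known once p and q are) is exactly what must be infeasible for an attacker who only sees n.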
NEW QUESTION # 299
Only law enforcement personnel are qualified to do computer forensic investigations.
- A. False
- B. True
Answer: A
NEW QUESTION # 300
Compared to RSA, which of the following is true of Elliptic Curve Cryptography(ECC)?
- A. It is believed to require longer key for equivalent security.
- B. It has been mathematically proved to be more secure.
- C. It has been mathematically proved to be less secure.
- D. It is believed to require shorter keys for equivalent security.
Answer: D
Explanation:
Explanation/Reference:
The following answers are incorrect: It has been mathematically proved to be less secure. ECC has not been proved to be more or less secure than RSA. Since ECC is newer than RSA, it is considered riskier by some, but that is just a general assessment, not based on mathematical arguments.
It has been mathematically proved to be more secure. ECC has not been proved to be more or less secure than RSA. Since ECC is newer than RSA, it is considered riskier by some, but that is just a general assessment, not based on mathematical arguments.
It is believed to require longer key for equivalent security. On the contrary, it is believed to require shorter keys for equivalent security of RSA.
Shon Harris, AIO v5 pg719 states:
"In most cases, the longer the key, the more protection that is provided, but ECC can provide the same level of protection with a key size that is shorter than what RSA requires"
The following reference(s) were/was used to create this question:
ISC2 OIG, 2007 p. 258
Shon Harris, AIO v5 pg719
NEW QUESTION # 301
Each data packet is assigned the IP address of the sender and the IP address of the:
- A. host.
- B. node.
- C. network.
- D. recipient.
Answer: D
Explanation:
Section: Network and Telecommunications
Explanation/Reference:
Each data packet is assigned the IP address of the sender and the IP address of the recipient. The term network refers to the part of the IP address that identifies each network. The terms host and node refer to the parts of the IP address that identify a specific machine on a network.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 87.
NEW QUESTION # 302
Which of the following is the best reason for the use of an automated risk analysis tool?
- A. Most software tools have user interfaces that are easy to use and do not require any training.
- B. Much of the data gathered during the review cannot be reused for subsequent analysis.
- C. Information gathering would be minimized and expedited due to the amount of information already built into the tool.
- D. Automated methodologies require minimal training and knowledge of risk analysis.
Answer: C
Explanation:
Section: Risk, Response and Recovery
Explanation/Reference:
The use of tools simplifies this process. Not only do they usually have a database of assets, threats, and vulnerabilities, but they also speed up the entire process.
Using automated tools for performing a risk assessment can reduce the time it takes to perform it and can simplify the process as well. The better tools include a well-researched threat population and associated statistics. Using one of these tools helps ensure that no relevant threat is overlooked, and therefore that no risk is unknowingly accepted simply because the threat behind it was never considered.
In most situations, the assessor will turn to the use of a variety of automated tools to assist in the vulnerability assessment process. These tools contain extensive databases of specific known vulnerabilities as well as the ability to analyze system and network configuration information to predict where a particular system might be vulnerable to different types of attacks. There are many different types of tools currently available to address a wide variety of vulnerability assessment needs. Some tools will examine a system from the viewpoint of the network, seeking to determine if a system can be compromised by a remote attacker exploiting available services on a particular host system. These tools will test for open ports listening for connections, known vulnerabilities in common services, and known operating system exploits.
Michael Gregg says:
Automated tools are available that minimize the effort of the manual process. These programs enable users to rerun the analysis with different parameters to answer "what-ifs." They perform calculations quickly and can be used to estimate future expected losses easier than performing the calculations manually.
Shon Harris in her latest book says:
The gathered data can be reused, greatly reducing the time required to perform subsequent analyses. The risk analysis team can also print reports and comprehensive graphs to present to management.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 4655-4661). Auerbach Publications. Kindle Edition.
and
CISSP Exam Cram 2 by Michael Gregg
and
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (Kindle Locations 2333-2335). McGraw- Hill. Kindle Edition.
The following answers are incorrect:
Much of the data gathered during the review cannot be reused for subsequent analysis. Is incorrect because the data can be reused for later analysis.
Automated methodologies require minimal training and knowledge of risk analysis. Is incorrect because it is not the best answer. While a minimal amount of training and knowledge is needed, the analysis should still be performed by skilled professionals.
Most software tools have user interfaces that are easy to use and does not require any training. Is incorrect because it is not the best answer. While many of the user interfaces are easy to use it is better if the tool already has information built into it. There is always a training curve when any product is being used for the first time.
NEW QUESTION # 303
What mechanism automatically causes an alarm originating in a data center to be transmitted over the local municipal fire or police alarm circuits for relaying to both the local police/fire station and the appropriate headquarters?
- A. A remote station alarm
- B. Proprietary alarm
- C. An auxiliary station alarm
- D. Central station alarm
Answer: C
Explanation:
Explanation/Reference:
Auxiliary station alarms automatically cause an alarm originating in a data center to be transmitted over the local municipal fire or police alarm circuits for relaying to both the local police/fire station and the appropriate headquarters. They usually take the form of municipal fire alarm boxes installed at your business or building and wired directly into the fire station.
Central station alarms are operated by private security organizations. They are very similar to proprietary alarm systems (see below); the biggest difference is that monitoring and receiving of alarms is done off site, at a central location staffed by a third party rather than by your own personnel.
Proprietary alarms are similar to central station alarms except that monitoring is performed directly on the protected property. This type of alarm is usually used to protect large industrial or commercial buildings.
Each of the buildings in the same vicinity has its own alarm system, and they are all wired together to a central location within one of the buildings acting as a common receiving point. This point is usually far away from the other buildings so it is not exposed to the same danger. It is usually manned 24 hours a day by a trained team who know how to react under different conditions.
A remote station alarm is a direct connection between the signal-initiating device at the protected property and the signal-receiving device located at a remote station, such as the fire station or, more usually, a monitoring service. This is the most popular type of implementation, and the owner of the premises must pay a monthly monitoring fee. This is what most people use in their home when they have a company like ADT receive the alarms on their behalf.
A remote system differs from an auxiliary system in that it does not use the municipal fire or police alarm circuits.
Reference(s) used for this question:
ANDRESS, Mandy, Exam Cram CISSP, Coriolis, 2001, Chapter 11: Physical Security (page 211).
and
Great presentation J.T.A. Stone on SlideShare
NEW QUESTION # 304
Which OSI/ISO layer is the Media Access Control (MAC) sublayer part of?
- A. Network layer
- B. Data link layer
- C. Transport layer
- D. Physical layer
Answer: B
Explanation:
Explanation/Reference:
The data link layer contains the Logical Link Control sublayer and the Media Access Control (MAC) sublayer.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 83).
NEW QUESTION # 305
What can best be described as a domain of trust that shares a single security policy and single management?
- A. The security perimeter
- B. A security domain
- C. The reference monitor
- D. The security kernel
Answer: B
Explanation:
Explanation/Reference:
A security domain is a domain of trust that shares a single security policy and single management.
The term security domain just builds upon the definition of domain by adding the fact that resources within this logical structure (domain) are working under the same security policy and managed by the same group.
So, a network administrator may put all of the accounting personnel, computers, and network resources in Domain 1 and all of the management personnel, computers, and network resources in Domain 2. These items fall into these individual containers because they not only carry out similar types of business functions, but also, and more importantly, have the same type of trust level. It is this common trust level that allows entities to be managed by one single security policy.
The different domains are separated by logical boundaries, such as firewalls with ACLs, directory services making access decisions, and objects that have their own ACLs indicating which individuals and groups can carry out operations on them.
All of these security mechanisms are examples of components that enforce the security policy for each domain. Domains can be architected in a hierarchical manner that dictates the relationship between the different domains and the ways in which subjects within the different domains can communicate. Subjects can access resources in domains of equal or lower trust levels.
The following are incorrect answers:
The reference monitor is an abstract machine which must mediate all access to subjects to objects, be protected from modification, be verifiable as correct, and is always invoked. Concept that defines a set of design requirements of a reference validation mechanism (security kernel), which enforces an access control policy over subjects' (processes, users) ability to perform operations (read, write, execute) on objects (files, resources) on a system. The reference monitor components must be small enough to test properly and be tamperproof.
The security kernel is the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept.
The security perimeter includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted. Not every process and resource falls within the TCB, so some of these components fall outside an imaginary boundary referred to as the security perimeter. A security perimeter is a boundary that divides the trusted from the untrusted. For the system to stay in a secure and trusted state, precise communication standards must be developed to ensure that when a component within the TCB needs to communicate with a component outside the TCB, the communication cannot expose the system to unexpected security compromises. This type of communication is handled and controlled through interfaces.
Reference(s) used for this question:
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (Kindle Locations 28548-28550).
McGraw-Hill. Kindle Edition.
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (Kindle Locations 7873-7877).
McGraw-Hill. Kindle Edition.
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition, Access Control, Page 214-217.
Schneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition: Security Architecture and Design (Kindle Locations 1280-1283). Kindle Edition.
TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
AIO 6th edition, Chapter 3, Access Control, pages 214-217, defines security domains. Reference monitor, security kernel, and security perimeter are defined in Chapter 4, Security Architecture and Design.
NEW QUESTION # 306
Which of the following centralized access control mechanisms is the least appropriate for mobile workers accessing the corporate network over analog lines?
- A. TACACS
- B. CHAP
- C. Call-back
- D. RADIUS
Answer: C
Explanation:
Explanation/Reference:
Call-back allows for a distant user connecting into a system to be called back at a number already listed in a database of trusted users. The disadvantage of this system is that the user must be at a fixed location whose phone number is known to the authentication server. Being mobile workers, users are accessing the system from multiple locations, making call-back inappropriate for them.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 44).
NEW QUESTION # 307
Which type of password token involves time synchronization?
- A. Challenge-response tokens
- B. Asynchronous dynamic password tokens
- C. Static password tokens
- D. Synchronous dynamic password tokens
Answer: D
Explanation:
Explanation/Reference:
Synchronous dynamic password tokens generate a new unique password value at fixed time intervals, so the server and token need to be synchronized for the password to be accepted.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 37).
Also check out: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 4: Access Control (page 136).
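Added example (not part of the page or its references): a synchronous dynamic password token implemented as RFC 6238 TOTP on top of RFC 4226 HOTP, together with the server-side verification loop. It shows why synchronization is the defining property of this token type: the one-time value is a function of the current 30-second time step, so the server must agree on the time, typically tolerating a small drift window, and must remember the last accepted counter so a captured code cannot be replayed inside that window. The secret and timestamps used below are the published RFC 6238 test vector, not real credentials.

```python
import hashlib
import hmac
import struct
import time


def hotp(secret, counter, digits=6, algo=hashlib.sha1):
    """RFC 4226 HOTP: HMAC over the 8-byte big-endian counter, then
    'dynamic truncation' to a 31-bit integer and reduction to `digits`."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret, unix_time=None, step=30, digits=6, algo=hashlib.sha1):
    """RFC 6238 TOTP: the HOTP counter is the number of whole `step`-second
    intervals since the Unix epoch. Token and server each compute it from
    their own clock, which is the synchronization the question refers to."""
    if unix_time is None:
        unix_time = time.time()
    return hotp(secret, int(unix_time) // step, digits, algo)


def verify_totp(secret, candidate, unix_time, step=30, digits=6, window=1, last_counter=None):
    """Server-side check. `window` accepts codes from +/- that many steps to
    tolerate clock drift; `last_counter` refuses any counter already accepted,
    so a code observed in transit cannot be replayed within the window.
    Returns the accepted counter (store it as the new last_counter) or None."""
    counter = int(unix_time) // step
    for delta in range(-window, window + 1):
        c = counter + delta
        if last_counter is not None and c <= last_counter:
            continue
        if hmac.compare_digest(hotp(secret, c, digits), candidate):
            return c
    return None


if __name__ == "__main__":
    # RFC 6238 Appendix B test secret (ASCII "12345678901234567890"), SHA-1
    secret = b"12345678901234567890"
    print("T=59, 8 digits:", totp(secret, 59, digits=8))   # RFC vector: 94287082
    print("T=59, 6 digits:", totp(secret, 59))
```

A token that has drifted more than `window` steps from the server clock stops being accepted even though its secret is intact; that is the operational cost of synchronous tokens and the reason RFC 6238 recommends resynchronizing by recording the observed drift after a successful login rather than widening the window.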
NEW QUESTION # 308
Which of the following pairings uses technology to enforce access control policies?
- A. Detective/Administrative
- B. Preventive/Physical
- C. Preventive/Administrative
- D. Preventive/Technical
Answer: D
Explanation:
The preventive/technical pairing uses technology to enforce access control policies.
TECHNICAL CONTROLS
Technical security involves the use of safeguards incorporated in computer hardware, operations or applications software, communications hardware and software, and related devices. Technical controls are sometimes referred to as logical controls.
Preventive Technical Controls
Preventive technical controls are used to prevent unauthorized personnel or programs from gaining remote access to computing resources. Examples of these controls include:
Access control software.
Antivirus software.
Library control systems.
Passwords.
Smart cards.
Encryption.
Dial-up access control and callback systems.
Preventive Physical Controls
Preventive physical controls are employed to prevent unauthorized personnel from entering computing facilities (i.e., locations housing computing resources, supporting utilities, computer hard copy, and input data media) and to help protect against natural disasters. Examples of these controls include:
Backup files and documentation.
Fences.
Security guards.
Badge systems.
Double door systems.
Locks and keys.
Backup power.
Biometric access controls.
Site selection.
Fire extinguishers.
Preventive Administrative Controls
Preventive administrative controls are personnel-oriented techniques for controlling people's behavior to ensure the confidentiality, integrity, and availability of computing data and programs.
Examples of preventive administrative controls include:
Security awareness and technical training.
Separation of duties.
Procedures for recruiting and terminating employees.
Security policies and procedures.
Supervision.
Disaster recovery, contingency, and emergency plans.
User registration for computer access.
NEW QUESTION # 309
What can a packet filtering firewall also be called?
- A. a sniffing router
- B. a screening router
- C. a shielding router
- D. a scanning router
Answer: B
Explanation:
While neither CBK nor AIO3 use the term "screening router," they both discuss how the packet filtering capabilities of a router can be used to block traffic much like a packet filtering firewall. Krutz and Vines use this term on p. 90.
"A scanning router" is incorrect. This is a nonsense term to distract you. "A shielding router" is incorrect. This is a nonsense term to distract you. "A sniffing router" is incorrect. This is a nonsense term to distract you.
References:
CBK, p. 433 AIO3, pp.484 - 485
NEW QUESTION # 310
Which of the following statements pertaining to RADIUS is incorrect:
- A. Most of RADIUS clients have a capability to query secondary RADIUS servers for redundancy.
- B. A RADIUS server can act as a proxy server, forwarding client requests to other authentication domains.
- C. Most RADIUS servers can work with DIAMETER servers.
- D. Most RADIUS servers have built-in database connectivity for billing and reporting purposes.
Answer: C
Explanation:
This is the correct answer because it is FALSE.
Diameter is an AAA protocol, AAA stands for authentication, authorization and accounting protocol for computer networks, and it is a successor to RADIUS.
The name is a pun on the RADIUS protocol, which is the predecessor (a diameter is twice the radius).
The main differences are as follows:
- Reliable transport protocols (TCP or SCTP, not UDP); the IETF has since standardized TCP transport for RADIUS as well (RFC 6613)
- Network or transport layer security (IPsec or TLS); the IETF has since standardized Transport Layer Security for RADIUS as well (RFC 6614)
- Transition support for RADIUS, although Diameter is not fully compatible with RADIUS
- Larger address space for attribute-value pairs (AVPs) and identifiers (32 bits instead of 8 bits)
- Client-server protocol, with the exception of supporting some server-initiated messages as well
- Both stateful and stateless models can be used
- Dynamic discovery of peers (using DNS SRV and NAPTR)
- Capability negotiation
- Supports application layer acknowledgements, defines failover methods and state machines (RFC 3539)
- Error notification
- Better roaming support
- More easily extended; new commands and attributes can be defined
- Aligned on 32-bit boundaries
- Basic support for user sessions and accounting
A Diameter Application is not a software application, but a protocol based on the Diameter base protocol (defined in RFC 3588). Each application is defined by an application identifier and can add new command codes and/or new mandatory AVPs. Adding a new optional AVP does not require a new application.
Examples of Diameter applications:
- Diameter Mobile IPv4 Application (MobileIP, RFC 4004)
- Diameter Network Access Server Application (NASREQ, RFC 4005)
- Diameter Extensible Authentication Protocol (EAP) Application (RFC 4072)
- Diameter Credit-Control Application (DCCA, RFC 4006)
- Diameter Session Initiation Protocol Application (RFC 4740)
- Various applications in the 3GPP IP Multimedia Subsystem
All of the other choices presented are true. So Diameter is backward compatible with RADIUS (to some extent), but the opposite is false.
Reference(s) used for this question:
TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 2, 2001, CRC Press, NY, Page 38.
and
https://secure.wikimedia.org/wikipedia/en/wiki/Diameter_%28protocol%29
NEW QUESTION # 311
Attributable data should be:
- A. always traced to individuals responsible for observing and recording the data
- B. never traced to individuals responsible for observing and recording the data
- C. sometimes traced to individuals responsible for observing and recording the data
- D. often traced to individuals responsible for observing and recording the data
Answer: A
Explanation:
Section: Analysis and Monitoring
Explanation/Reference:
As per the FDA, data should be attributable, original, accurate, contemporaneous, and legible. In an automated system, attributability could be achieved by a computer system designed to identify the individuals responsible for any input.
Source: U.S. Department of Health and Human Services, Food and Drug Administration, Guidance for Industry - Computerized Systems Used in Clinical Trials, April 1999, page 1.
NEW QUESTION # 312
Which of the following remote access authentication systems is the most robust?
- A. TACACS
- B. TACACS+
- C. RADIUS
- D. PAP
Answer: B
Explanation:
TACACS+ is a proprietary Cisco enhancement to TACACS and is more robust than RADIUS.
PAP is not a remote access authentication system but a remote node security protocol.
NEW QUESTION # 313
Which of the following should be emphasized during the Business Impact Analysis (BIA) considering that the BIA focus is on business processes?
- A. Priorities
- B. Service levels
- C. Composition
- D. Dependencies
Answer: D
Explanation:
Explanation/Reference:
The Business Impact Analysis (BIA) identifies time-critical aspects of the critical business processes and determines their maximum tolerable downtime. The BIA helps to identify organizational functions, the capabilities of each organizational unit to handle outages, the priority and sequence of functions and applications to be recovered, the resources required for recovery of those areas, and interdependencies.
In performing the BIA it is very important to consider what the dependencies are. You cannot bring a system up if it depends on another system being operational. You need to look not only at internal dependencies but at external ones as well. You might not be able to get the raw materials for your business, so dependencies are a very important aspect of a BIA.
The BIA committee will not truly understand all business processes, the steps that must take place, or the resources and supplies these processes require. So the committee must gather this information from the people who do know: department managers and specific employees throughout the organization. The committee starts by identifying the people who will be part of the BIA data-gathering sessions. The committee needs to identify how it will collect the data from the selected employees, be it through surveys, interviews, or workshops. Next, the team needs to collect the information by actually conducting the surveys, interviews, and workshops. Data points obtained as part of the information gathering will be used later during analysis. It is important that the team members ask how different tasks (whether processes, transactions, or services, along with any relevant dependencies) get accomplished within the organization.
The following answers are incorrect:
Composition: This is incorrect because it is not the best answer. While the makeup of the business may be important, if you have not determined the dependencies first you may not be able to bring the critical business processes to a ready state or have the materials on hand that are needed.
Priorities: This is incorrect because it is not the best answer. While the priorities of processes are important, if you have not determined the dependencies first you may not be able to bring the critical business processes to a ready state or have the materials on hand that are needed.
Service levels: This is incorrect because it is not the best answer. Service levels are not as important as dependencies.
Reference(s) used for this question:
Schneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition: Business Continuity and Disaster Recovery Planning (Kindle Locations 188-191). Kindle Edition.
and
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (Kindle Locations 18562-18568). McGraw-Hill. Kindle Edition.
NEW QUESTION # 314
Which of the following is an IDS that acquires data and defines a "normal" usage profile for the network or host?
- A. inferential anomaly-based ID
- B. Statistical Anomaly-Based ID
- C. dynamical anomaly-based ID
- D. Signature-Based ID
Answer: B
Explanation:
Section: Analysis and Monitoring
Explanation/Reference:
Statistical Anomaly-Based ID - With this method, an IDS acquires data and defines a "normal" usage profile for the network or host that is being monitored.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 49.
NEW QUESTION # 315
The main difference between MD5 and SHA is what?
- A. Security - MD5 can be forged and SHA cannot
- B. Security - SHA can be forged and MD5 cannot
- C. MD5 has 160 bit signature and SHA has a 128 bit signature
- D. SHA has 160 bit signature and MD5 has a 128 bit signature
Answer: D
NEW QUESTION # 316
Which of the following are WELL KNOWN PORTS assigned by the IANA?
- A. Ports 0 to 255
- B. Ports 0 to 1023
- C. Ports 0 to 1024
- D. Ports 0 to 127
Answer: B
Explanation:
The port numbers are divided into three ranges: the Well Known Ports, the Registered Ports, and the Dynamic and/or Private Ports. The range for assigned "Well Known" ports managed by the IANA (Internet Assigned Numbers Authority) is 0-1023.
Source: iana.org: port assignments.
NEW QUESTION # 317