Pass the ISC 2 Credentials CISSP Questions and answers with ValidTests

Role Based Access Control (RBAC) is a model of access control that assigns permissions to users based on their roles, rather than their individual identities. The core component of RBAC is the role, which is a collection of permissions that define what operations a user can perform on what protected objects. The required data elements for RBAC are:

Users: The entities that request access to the protected objects. Users can have one or more roles assigned to them, depending on their functions and responsibilities in the organization.

Roles: The logical groups of permissions that grant access to the protected objects. Roles can be defined based on job titles, business functions, projects, or other criteria. Roles can also be hierarchical, meaning that a role can inherit permissions from another role.

Operations: The actions that can be performed on the protected objects, such as read, write, delete, execute, etc. Operations can be defined at different levels of granularity, depending on the security requirements and the nature of the protected objects.

Protected objects: The resources that are subject to access control, such as files, databases, applications, devices, networks, etc. Protected objects can have different attributes, such as owner, type, location, classification, etc., that can affect the access decisions.

Section: Security Operations

 The security access policy that contains fixed security attributes that are used by the system to determine a user’s access to a file or object is Mandatory Access Control (MAC). MAC is a type of access control model that assigns permissions to users and objects based on their security labels, which indicate their level of sensitivity or trustworthiness. MAC is enforced by the system or the network, rather than by the owner or the creator of the object, and it cannot be modified or overridden by the users. MAC can provide some benefits for security, such as enhancing the confidentiality and the integrity of the data, preventing unauthorized access or disclosure, and supporting the audit and compliance activities. MAC is commonly used in military or government environments, where the data is classified according to its level of sensitivity, such as top secret, secret, confidential, or unclassified. The users are granted security clearance based on their level of trustworthiness, such as their background, their role, or their need to know. The users can only access the objects that have the same or lower security classification than their security clearance, and the objects can only be accessed by the users that have the same or higher security clearance than their security classification. This is based on the concept of no read up and no write down, which requires that a user can only read data of lower or equal sensitivity level, and can only write data of higher or equal sensitivity level. MAC contains fixed security attributes that are used by the system to determine a user’s access to a file or object, by using the following methods:

Assigning security labels to the users and the objects, which consist of a security classification and a set of security categories. The security classification indicates the level of sensitivity of the data, such as top secret, secret, confidential, or unclassified. The security categories indicate the subject matter or the scope of the data, such as nuclear, military, or intelligence. The security labels are attached to the users and the objects as metadata or tags, and they cannot be changed or removed by the users.

Comparing the security labels of the users and the objects, using a reference monitor or an access control matrix. The reference monitor is a software component that intercepts and evaluates the requests for access to the objects, and grants or denies the access based on the security labels of the users and the objects. The access control matrix is a data structure that lists the users and the objects, and the permissions that each user has on each object, based on the security labels of the users and the objects.

The first step when purchasing Commercial Off-The-Shelf (COTS) software is to establish policies and procedures on system and services acquisition. This involves defining the objectives, scope, and criteria for acquiring the software, as well as the roles and responsibilities of the stakeholders involved in the acquisition process. The policies and procedures should also address the legal, contractual, and regulatory aspects of the acquisition, such as the terms and conditions, the service level agreements, and the compliance requirements. Undergoing a security assessment, establishing a risk management strategy, and hardening the hosting server are not the first steps when purchasing COTS software, but they may be part of the subsequent steps, such as the evaluation, selection, and implementation of the software. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 1: Security and Risk Management, page 64; Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 1: Security and Risk Management, page 56.

 The foundation of cryptographic functions is entropy. Entropy is a measure of the randomness or unpredictability of a system or a process. Entropy is essential for cryptographic functions, such as encryption, decryption, hashing, or key generation, as it provides the security and the strength of the cryptographic algorithms and keys. Entropy can be derived from various sources, such as physical phenomena, user input, or software applications. Entropy can also be quantified in terms of bits, where higher entropy means higher randomness and higher security. Encryption, cipher, and hash are not the foundation of cryptographic functions, although they are related or important concepts or techniques. Encryption is the process of transforming plaintext or cleartext into ciphertext or cryptogram, using a cryptographic algorithm and a key, to protect the confidentiality and the integrity of the data. Encryption can be symmetric or asymmetric, depending on whether the same or different keys are used for encryption and decryption. Cipher is another term for a cryptographic algorithm, which is a mathematical function that performs encryption or decryption. Cipher can be classified into various types, such as substitution, transposition, stream, or block, depending on how they operate on the data. Hash is the process of generating a fixed-length and unique output, called a hash or a digest, from a variable-length and arbitrary input, using a one-way function, to verify the integrity and the authenticity of the data. Hash can be used for various purposes, such as digital signatures, message authentication codes, or password storage. 

 The main use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data in the Point-to-Point Protocol (PPP). L2TP is a tunneling protocol that operates at the data link layer (Layer 2) of the OSI model, and is used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. L2TP does not provide encryption or authentication by itself, but it can be combined with IPsec to provide security and confidentiality for the tunneled data. L2TP is commonly used to tunnel PPP sessions over an IP network, such as the Internet. PPP is a protocol that establishes a direct connection between two nodes, and provides authentication, encryption, and compression for the data transmitted over the connection. PPP is often used to connect a remote client to a corporate network, or a user to an ISP. By using L2TP to encapsulate PPP packets, the connection can be extended over a public or shared network, creating a VPN. This way, the user can access the network resources and services securely and transparently, as if they were directly connected to the network. The other options are not the main use of L2TP, as they involve different protocols or layers. L2TP does not tunnel data through a firewall, but rather over an IP network. L2TP does not operate at the session layer or the transport layer, but at the data link layer. L2TP does not use the Payload Compression Protocol (PCP), but rather the Point-to-Point Protocol (PPP). References: Layer 2 Tunneling Protocol - Wikipedia; What is the Layer 2 Tunneling Protocol (L2TP)? - NordVPN; Understanding VPN protocols: OpenVPN, L2TP, WireGuard & more.

 Cookie manipulation is a technique that allows an attacker to intercept, modify, or forge a cookie, which is a piece of data that is used to maintain the state of a web session. By manipulating the cookie, the attacker can hijack the session and gain unauthorized access to the web application. Known-plaintext attack, DoS, and SQL injection are not directly related to session hijacking, although they can be used for other purposes, such as breaking encryption, disrupting availability, or executing malicious commands. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 6: Communication and Network Security, page 729; Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 4: Communication and Network Security, page 522.

A security impact analysis is a process of assessing the potential effects of a change on the security posture of a system. It helps to identify and mitigate any security risks that may arise from the change, such as new vulnerabilities, configuration errors, or compliance issues. A security impact analysis should be conducted after following the change management plan and before implementing the change in the production environment. Conducting an A&A, reviewing the results of a vulnerability scan, or conducting a gap analysis with the baseline configuration are also possible steps to ensure the security of a system, but they are not specific to the change management process. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 8: Software Development Security, page 961; Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 8: Security Operations, page 1013.

Standardized configurations for devices can help to reduce the complexity and variability of the systems that need to be patched, and thus facilitate the testing of patch compatibility. Standardized configurations can also help to ensure that the patches are applied consistently and correctly across the organization. Standardized patch testing equipment, automated system patching, and management support for patching are also important factors for effective patch management, but they are not directly related to testing patch compatibility. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 5: Security Engineering, page 605; Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 3: Security Architecture and Engineering, page 386.

The primary role of a scrum master in agile development is to match the software requirements to the delivery plan. A scrum master is a facilitator who helps the development team and the product owner to collaborate and deliver the software product incrementally and iteratively, following the agile principles and practices. A scrum master is responsible for ensuring that the team follows the scrum framework, which includes defining the product backlog, planning the sprints, conducting the daily stand-ups, reviewing the deliverables, and reflecting on the process. A scrum master is not responsible for choosing the primary development language, the integrated development environment, or project managing the software delivery, although they may provide guidance and support to the team on these aspects. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 8: Software Development Security, page 933; Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 7: Software Development Security, page 855.

 The most common method of memory protection is segmentation. Segmentation is a technique that divides the memory space into logical segments, such as code, data, stack, and heap. Each segment has its own attributes, such as size, location, access rights, and protection level. Segmentation can help to isolate and protect the memory segments from unauthorized or unintended access, modification, or execution, as well as to prevent memory corruption, overflow, or leakage. Compartmentalization, error correction, and VLAN tagging are not methods of memory protection, but of information protection, data protection, and network protection, respectively. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 5: Security Engineering, page 589; Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 3: Security Architecture and Engineering, page 370.

A negative testing strategy is a type of software testing that aims to verify how the system handles invalid or unexpected inputs, errors, or conditions. A negative testing strategy can help identify potential bugs, vulnerabilities, or failures that could compromise the functionality, security, or usability of the system. One example of a negative testing strategy is to enter only numbers in a web form that expects a text input, such as a name or an email address, and verify that the website prompts the user to enter a valid input. This can help ensure that the website has proper input validation and error handling mechanisms, and that it does not accept or process any malicious or malformed data. A web scanner, a code review, and a secure connection are not examples of a negative testing strategy, as they do not involve providing invalid or unexpected inputs to the system.

The most challenging issue in apprehending cyber criminals is that the crime is often committed from a different jurisdiction. This means that the cyber criminals may operate from a different country or region than the victim or the target, and thus may be subject to different laws, regulations, and enforcement agencies. This can create difficulties and delays in identifying, locating, and prosecuting the cyber criminals, as well as in obtaining and preserving the digital evidence. The other issues, such as the sophistication of the methods, the integrity of the evidence, and the lack of physical evidence, are also challenges in apprehending cyber criminals, but they are not as significant as the jurisdiction issue. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 4: Security Operations, page 475; Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 4: Communication and Network Security, page 544.

A Trusted Platform Module (TPM) is a secure processor targeted at managing digital keys and accelerating digital signing. A TPM is a cryptoprocessor chip that is embedded on a motherboard or a device, and that provides a secure and trustworthy environment for the execution and the storage of cryptographic operations and keys. A TPM can provide some benefits for security, such as enhancing the confidentiality and integrity of the data and the code, preventing unauthorized modifications or tampering, and enabling remote attestation or verification. A TPM can perform various functions, such as:

Generating and storing digital keys, such as asymmetric keys, symmetric keys, or hash keys, in a non-volatile and tamper-resistant storage. A TPM can also protect the keys from being exported or copied, and can use them for encryption, decryption, signing, or verification purposes.

Accelerating digital signing, which is the process of generating and attaching a digital signature to a message or a document, using a cryptographic algorithm and a private key, to verify the authenticity and the integrity of the sender and the data. A TPM can speed up the digital signing process by using a dedicated hardware module, rather than a software application, and by using a secure and fast algorithm, such as RSA or ECC.

Measuring and reporting the state of a computing platform, which is the process of collecting and verifying the information about the hardware and software components of a system or a device, such as the BIOS, the boot loader, the operating system, or the applications. A TPM can measure the state of a computing platform by using a mechanism called Trusted Boot, which involves creating and storing a hash or a digest of each component as it is loaded, and comparing it with a known and trusted value. A TPM can also report the state of a computing platform by using a mechanism called Remote Attestation, which involves sending the hash or the digest of each component to a remote verifier, who can check the validity and the trustworthiness of the system or the device.

A non-volatile tamper-resistant storage for storing both data and signing keys in a secure fashion, a protected Pre-Basic Input/Output System (BIOS) which specifies a method or a metric for “measuring” the state of a computing platform, and a platform-independent software interface for accessing computer functions are not part of a TPM, although they may be related or useful concepts or techniques. A non-volatile tamper-resistant storage for storing both data and signing keys in a secure fashion is a feature or a component of a TPM, but it is not the whole TPM. A non-volatile tamper-resistant storage is a type of memory or device that can retain the data and the keys even when the power is off, and that can resist physical or logical attacks or modifications. A non-volatile tamper-resistant storage can provide some benefits for security, such as enhancing the availability and the integrity of the data and the keys, preventing data loss or corruption, and facilitating the recovery and the restoration process. A protected Pre-Basic Input/Output System (BIOS) which specifies a method or a metric for “measuring” the state of a computing platform is a function or a result of a TPM, but it is not the whole TPM. A protected Pre-Basic Input/Output System (BIOS) is a firmware or a software that is responsible for initializing and testing the hardware and software components of a system or a device, and for loading and executing the operating system. A protected Pre-Basic Input/Output System (BIOS) can provide some benefits for security, such as enhancing the performance and the functionality of the system or the device, preventing or mitigating some types of attacks or vulnerabilities, and supporting the audit and the compliance activities. A platform-independent software interface for accessing computer functions is a concept or a technique that is related to a TPM, but it is not the whole TPM. A platform-independent software interface is a software component or a layer that allows a user or an application to access and use the functions or the features of a computer system or a device, regardless of the type or the nature of the system or the device, such as the hardware, the software, or the operating system. A platform-independent software interface can provide some benefits for security, such as enhancing the usability and the interoperability of the system or the device, supporting the encryption and the authentication mechanisms, and enabling the segmentation and isolation of the system or the device.

The best mechanism to prevent a Cross-Site Request Forgery (CSRF) attack is to use synchronized session tokens. A CSRF attack is a type of web application vulnerability that exploits the trust that a site has in a user’s browser. A CSRF attack occurs when a malicious site, email, or link tricks a user’s browser into sending a forged request to a vulnerable site, where the user is already authenticated. The vulnerable site cannot distinguish between the legitimate and the forged requests, and may perform an unwanted action on behalf of the user, such as changing a password, transferring funds, or deleting data. Synchronized session tokens are a technique to prevent CSRF attacks by adding a random and unique value to each request that is generated by the server and verified by the server before processing the request. The token is usually stored in a hidden form field or a custom HTTP header, and is tied to the user’s session. The token ensures that the request originates from the same site that issued it, and not from a malicious site. Synchronized session tokens are also known as CSRF tokens, anti-CSRF tokens, or state tokens. Parameterized database queries, whitelist input values, and use strong ciphers are not mechanisms to prevent CSRF attacks, although they may be useful for other types of web application vulnerabilities. Parameterized database queries are a technique to prevent SQL injection attacks by using placeholders or parameters for user input, instead of concatenating or embedding user input directly into the SQL query. Parameterized database queries ensure that the user input is treated as data and not as part of the SQL command. Whitelist input values are a technique to prevent input validation attacks by allowing only a predefined set of values or characters for user input, instead of rejecting or filtering out unwanted or malicious values or characters. Whitelist input values ensure that the user input conforms to the expected format and type. Use strong ciphers are a technique to prevent encryption attacks by using cryptographic algorithms and keys that are resistant to brute force, cryptanalysis, or other attacks. Use strong ciphers ensure that the encrypted data is confidential, authentic, and integral.