Thursday, March 19, 2009

CISSP Concept study 5

126 Who issues digital certificates?
Certificate authorities (CAs)

127 True or false? PEM provides protection against replay attacks.
False

128 What protocol uses the RSA encryption algorithm to provide encrypted mail support for a number of common commercial email packages?
S/MIME

129 True or false? S-HTTP secures individual messages between a client and a server.
True

130 What cryptographic methods are used by the Secure Electronic Transaction (SET) protocol?
RSA public key cryptography and DES private key cryptography in connection with digital certificates.

131 What are the four components of IPSec?
Authentication header, Encapsulating Security Payload, IP Payload Compression protocol, and Internet Key Exchange.

132 What type of cryptographic attack is used against algorithms that don't incorporate temporal protections?
Replay attack.

133 What are some common reasons a certificate might need to be revoked?
The certificate was compromised, the certificate was erroneously issued, the certificate details changed, and there was a change of security association.

134 What type of cryptography relies upon the use of public and private keys?
Asymmetric -- having two sides that are different in shape

135 What technology allows multiple users to make use of the same process without interfering with each other?
Multithreading

136 What is the maximum number of processors that an SMP system can utilize?
16

137 What are some of the terms used to describe the CPU mode that gives access to the full range of supported instructions?
System mode, privileged mode, supervisory mode, and kernel mode.

138 What is the greatest security risk to RAM chips?
Theft

139 What addressing scheme supplies the CPU with the actual address of the memory location to be accessed?
Direct addressing

140 Magnetic/optical media devices are classified as what type of memory?
Secondary

141 Magnetic/optical media devices are classified as what type of storage?
Secondary

142 Memory devices designed to retain their data when power is removed are known as nonvolatile

143 What two ways can storage devices be accessed?
Randomly and sequentially

144 What is the greatest security risk to computer monitors?
Tempest technology

145 What is another term often used for firmware?
Microcode

146 Where are the operating system-independent primitive instructions that a computer needs to start and load the operating system stored?
BIOS

147 What concept ensures that data existing at one level of security is not visible to processes running at different security levels?
Data hiding

148 What are the important factors in personnel management?
Hiring practices, ongoing job performance reviews, and termination procedures

149 What security mechanisms are countermeasures to collusion?
Job rotation, separation of duties, mandatory vacations, workstation change.

150 Why is antivirus protection important?
Viruses are the most common form of security breach in the IT world.
Any communications pathway can be and is being exploited as a delivery mechanism for a virus or other malicious code.
