CCCURE试题.docx
《CCCURE试题.docx》由会员分享,可在线阅读,更多相关《CCCURE试题.docx(96页珍藏版)》请在冰豆网上搜索。
CCCURE试题
1.Question:
|Difficulty:
4/5|Relevancy:
3/3
Asharedresourcematrixisatechniquecommonlyusedtolocate:
o
Maliciouscode
o
Securityflaws
o
Trapdoors
o›
Covertchannels
Congratulations,yougotthecorrectanswer!
Detailscanbereviewedbelow.
Details
Submitacommentonthisquestion
Thecorrectansweris:
covertchannels
Analyzingresourcesofasystemisonestandardforlocatingcovertchannelsbecausethebasisofacovertchannelisasharedresource.
Thefollowingpropertiesmustholdforastoragechanneltoexist:
1.Bothsendingandreceivingprocessmusthaveaccesstothesameattributeofasharedobject.
2.Thesendingprocessmustbeabletomodifytheattributeofthesharedobject.
3.Thereceivingprocessmustbeabletoreferencethatattributeofthesharedobject.
4.Amechanismforinitiatingbothprocessesandproperlysequencingtheirrespectiveaccessestothesharedresourcemustexist.
Note:
Similarpropertiesfortimingchannelcanbelisted
Thefollowinganswersareincorrect:
AllotheranswerswerenotdirectlyrelatedtodiscoveryofCovertChannels.
Thefollowingreference(s)were/wasusedtocreatethisquestion:
AuerbachPublications, AuerbachPublications(TestSeries)-CRCPressLLC,PageNo.225
and
http:
//e-articles.info/e/a/title/Covert-Channels/
Questioncontributedby:
Eit
EmailorCCCureNicknameofquestionauthor:
Eit
Questionreviewedby:
ClementDupuis
Questioncommentsubmitedby:
Studyarea:
CISAdomain#1-TheISAuditProcess
Thisquestion©Copyright2003–2009cccure.org.Allrightsreserved.Nounauthorizeduseorduplicationwithoutexplicitwrittenpermissionofauthorandofcccure.org.
2.Question:
|Difficulty:
1/5|Relevancy:
3/3
Whichofthefollowingisadetectivecontrol?
o
Segregationofduties
o
Back-upprocedures
o›
Audittrails
o
Physicalaccesscontrol
Youdidnotprovideanyanswertothisquestion.Pleasereviewdetailsbelow.
Details
Submitacommentonthisquestion
Audittrailscaptureinformation,whichcanbeusedfordetectingerrors.Therefore,theyareconsideredtobedetectivecontrols.Back-upproceduresarecorrectivecontrolswhereassegregationofdutiesandphysicalaccesscontrolsareexamplesofpreventivecontrols.
Source:
InformationSystemsAuditandControlAssociation,CertifiedInformationSystemsAuditor2002reviewmanual,Chapter1:
TheISAuditProcess(page30).
Contributor:
ChristianVezina
Studyarea:
CISAdomain#1-TheISAuditProcess
Coveredtopic:
Audittrails
Thisquestion©Copyright2003–2009ChristianVezina,cccure.org.Allrightsreserved.Nounauthorizeduseorduplicationwithoutexplicitwrittenpermissionofauthorandofcccure.org.
3.Question:
|Difficulty:
3/5|Relevancy:
3/3
NathaliehasshownakeeninterestinlearningmoreaboutSecuritytestingandPenetrationTesting. Shevisitedthelocallibraryinhertownandfoundtherewasafewbooksabouthackingwhichshesignedoutfortheweekend. PassingbyherpreferrednewsstandshesawacopyoftheHakin9magazineanddecidedtobuyit. ShewasverypleasedtonotethatitcomeswithabootableCDROMthatcontainsamodifiedversionofBackTrackwhichisaspecialLinuxDistributionforpenetrationtester.
Thenextdayshewentbacktothelibraryandusedhernewbootableoperatingsystemtoprobethenetworkandattempttoidentifyvulnerabiltiesthatshecouldreporttothelibrarymanagerinordertohelpthemsecuresystemsagainstmaliciousattackers.
WhatiswrongwithNathaliesactionanddoyouthinkitwasjustified?
o
Nathaliedidnothaveauthorizationfromtheowneroftheresourcesbutitwasjustifiedasshewantedtoprotectthenetwork.
o›
NathaliedidnothaveauthorizationfromtheowneroftheresourcesbutitwasNOTjustifiedeventhoushewantedtoprotectthenetwork.
o
UsageofbootableLinuxCDROMisforbiddeninmostlibrairiesbutheractionswerejustifedbyherwillingnesstohelp.
o
AslongasshedoesnotexploittheweaknessesthatwerefoundNathaliedidtherightthingandheractionswerejustified.
Youdidnotprovideanyanswertothisquestion.Pleasereviewdetailsbelow.
Details
Submitacommentonthisquestion
Thecorrectansweris:
NathaliedidNOThaveauthorizationfromtheowneroftheresourcesanditwasNOTjustifiedeventhoushewantedtoprotectthenetwork.
EventhouNathalie'sintentionswerenobleandshewantedtohelp,doinganytypeoftestingwithoutthepermissionsoftheowneroftheresourcemakesyouacrackerjustlikeanyotherpersonwhowouldbetryingtobreakintosystemswithoutproperauthorization. Thefactsheclaimitwasforthegoodofthenetworkdoesnotjustifydoingsuchaction.
Thefollowinganswersareincorrect:
NathaliedidNOThaveauthorizationfromtheowneroftheresourcesb