100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CISSP Final Prep - Shane Exam Questions And Answers $10.99   Add to cart

Exam (elaborations)

CISSP Final Prep - Shane Exam Questions And Answers

 8 views  0 purchase
  • Course
  • CISSP - Shane
  • Institution
  • CISSP - Shane

CISSP Final Prep - Shane Exam Questions And Answers ...

Preview 3 out of 19  pages

  • November 1, 2024
  • 19
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CISSP - Shane
  • CISSP - Shane
avatar-seller
Easton
CISSP Final Prep - Shane Exam Questions And
Answers 2024-2025

What is the Biba Security Model

A security model that describes a set of access control rules designed to addresses the
INTEGRITY of data w/in a system. This model is NOT concerned with security levels or
confidentiality.



3 Main Rules:

1 - *-integrity axiom (no write up) - A subject cannot write data to an object at a higher
integrity level

2 - Simple integrity axiom (no read down) - a subject cannot read data from a lower
integrity level.

3 - A subject can not request service (invoke) at a higher integrity



(note: "simple means reading, * or "star" means writing)




What is the Clark Wilson Security Model

Integrity Security model protects data INTEGRITY and allows properly formatted
transactions, emphasizing WELL FORMED TRANSACTIONS and SEPARATION OF
DUTIES.

Every data item and allows modifications through only a small set of programs. The
model is based upon a three-part relationship of subject/program/object where program
is synonymous with transaction and is called an access control triple or triple. This
relationship describes subjects without direct access to objects. Objects are only
accessible via programs. Look here to see how this differs from other access control
models.

-Subjects can only access objects through authorized programs (access triple)

- Seperation of Duties is Enforced

,-Auditing is Required



Previous

Play

Next

Rewind 10 seconds

Move forward 10 seconds

Unmute

0:00

/

0:15

Full screen

Brainpower

Read More

What is the Brewer and Nash Security Model (also called the Chinese Wall Security
Model)

Security model that can write to an object if and ONLY IF it can NOT read another object
in a different data set.



Provides access controls that may dynamically change based on the prior actions of a
user.

Primary Objective

To protect against conflicts of interest due to user attempts to gain access.

How RESIDUAL RISK is calculated

(threats x vulnerability x asset value) x controls gap = ----- RISK

How is TOTAL RISK calculated

threats x vulnerability x asset value = ------ RISK

What is the SLE formula (Single Loss Expectancy

, asset value x exposure factor (EF) = SLE




What is an EXPOSURE FACTOR (EF) in RISK ANALYSIS

Represents the percentage of a loss a realised threat could have on a certain asset.



How is the ANNUAL LOSS EXPECTANCY (ALE) calculated

SLE x ARO = ALE



Single Loss Expectancy (SLE) x Annualized Rate of Occurrence (ARO) = Annual Loss
Expectancy



Name 7 Asymmetric Encryption Alogrithms

1 - The Diffie-Hellman Algorithm

2 - RSA

3 - El Gamal

4 - Elliptic Curve Cryptosystems

5 - LUC

6 - Knapsak

7 - Zero Knowledge Proof



List 11 Symmetric Algorithms

1 - DES - Data Encryption Standard - 56 bits

2 - DES - 3-DES Keys

3 - AES - 128, 192, 256 bits

4 - IDEA - International Data Encryption Alogrithm - 128 bits

5 - Blowfish - up to 448 bits

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Easton. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $10.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

72042 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$10.99
  • (0)
  Add to cart