Reading CISSP Practice in full

A blacklist is a list of discrete entities, such as hosts or applications, that have been previously determined to be associated with malicious activity. A whitelist is a list of discrete entities, such as hosts or applications, known to be benign. Thresholds set the limits between normal and abnormal behavior of the intrusion detection and prevention systems (IDPS). Program code viewing and editing features are established to see the detection-related programming code in the IDPS.

2. Electronic authentication begins with which of the following?

a. Token

b. Credential

c. Subscriber

d. Credential service provider

2. c. An applicant applies to a registration authority (RA) to become a subscriber of a credential service provider (CSP) and, as a subscriber, is issued or registers a secret, called a token, and a credential (public key certificate) that binds the token to a name and other attributes that the RA has verified. The token and credential may be used in subsequent authentication events.

3. In the electronic authentication process, who performs the identity proofing?

a. Subscriber

b. Registration authority

c. Applicant

d. Credential service provider

3. b. The RA performs the identity proofing after registering the applicant with the CSP. An applicant becomes a subscriber of the CSP.

4. In electronic authentication, which of the following provides the authenticated information to the relying party for making access control decisions?

a. Claimant/subscriber

b. Applicant/subscriber

c. Verifier/claimant

d. Verifier/credential service provider

4. d. The relying party can use the authenticated information provided by the verifier/CSP to make access control decisions or authorization decisions. The verifier verifies that the claimant is the subscriber/applicant through an authentication protocol. The verifier passes on an assertion about the identity of the subscriber to the relying party. The verifier and the CSP may or may not belong to the same identity.

5. In electronic authentication, an authenticated session is established between which of the following?

a. Claimant and the relying party

b. Applicant and the registration authority

c. Subscriber and the credential service provider

d. Certifying authority and the registration authority

5. a. An authenticated session is established between the claimant and the relying party. Sometimes the verifier is also the relying party. The other three choices are incorrect because the correct answer is based on facts.

6. Under which of the following electronic authentication circumstances does the verifier need to directly communicate with the CSP to complete the authentication activity?

a. Use of a digital certificate

b. A physical link between the verifier and the CSP

c. Distributed functions for the verifier, relying party, and the CSP

d. A logical link between the verifier and the CSP

6. b. The use of digital certificates represents a logical link between the verifier and the CSP rather than a physical link. In some implementations, the verifier, relying party, and the CSP functions may be distributed and separated. The verifier needs to directly communicate with the CSP only when there is a physical link between them. In other words, the verifier does not need to directly communicate with the CSP for the other three choices.

7. In electronic authentication, who maintains the registration records to allow recovery of registration records?

a. Credential service provider

b. Subscriber

c. Relying party

d. Registration authority

7. a. The CSP maintains registration records for each subscriber to allow recovery of registration records. Other responsibilities of the CSP include the following:

The CSP is responsible for establishing suitable policies for renewal and reissuance of tokens and credentials. During renewal, the usage or validity period of the token and credential is extended without changing the subscriber’s identity or token. During reissuance, a new credential is created for a subscriber with a new identity and/or a new token.
