CISSP Practice (full text)

49. a. When performing physical maintenance, all plaintext secret and private keys and other unprotected critical security parameters (CSPs) contained in the cryptographic module should be zeroized. Zeroization proof is a method of erasing electronically stored data by altering the contents of the data storage so as to prevent the recovery of data. The cryptographic module can either perform zeroization procedurally by the operator or automatically.

The other three choices do not provide security measures for cryptographic keys. Zero-knowledge proof deals with keeping information secret in that it refers to one party proving something to another without revealing any additional information. Zero-defects proof is a total quality management concept in which products are made with zero defects—one of the goals of quality. Zero-quantum proof is based on principles of quantum-mechanics where eavesdroppers alter the quantum state of the cryptographic system.

50. Which of the following is the best defense against hardware-based key loggers?

a. Logical security controls

b. Physical security controls

c. Application security controls

d. Network security controls

50. b. A key logger is software or hardware that collects every keystroke a user makes on his PC. Law enforcement authorities have used key loggers as a form of wiretap against suspected individuals. Now some viruses and worms can install key loggers to search for passwords and account numbers. The hardware-based key logger device plugs in between the user keyboard and his PC, which requires physical access to the PC to install the device. Under these circumstances, physical security controls are the best defense against hardware-based key loggers.

51. Which of the following is not an explicit design goal of a physical protection system based on sound engineering principles?

a. Provide protection-in-depth.

b. Provide line-of-sight to assets.

c. Minimize the consequences of component failures.

d. Exhibit balanced protection.

51. b. Defensive security measures provide barriers to the movement of assets and obscure the line-of-sight to assets. Obscuring, not providing, a line-of-sight is based on sound engineering design principles. Defensive security measures say that assets should not be visible to outsiders. (For example, a data center should not be visible from the street.) The other three choices are incorrect because they are explicit design goals of a physical protection system based on sound engineering principles.

52. Regarding a physical protection system, what is primarily the delay before detection?

a. Response

b. Deterrent

c. Detection

d. Defeat

52. b. Delay is the slowing down of adversary progress. Delay can be accomplished by response-force personnel (security guards), barriers, locks, and activated and automated delays. The measure of a delay’s effectiveness is the time required by the adversary after detection to bypass each delay element. Therefore, delay before detection is primarily a deterrent.

Response is incorrect because it consists of the actions taken by the response force to prevent adversary success. Detection is incorrect because it senses an act of aggression, assesses the validity of the detection, and communicates the appropriate information to response-force personnel (e.g., a security guard). Defeat is incorrect because most protective systems depend on response personnel to defeat an aggressor.

53. A secure and safe room should have which of the following?

a. No more than one door

b. No more than two doors

c. No more than three doors

d. No more than four doors

53. b. A secure and safe room should have no more than two doors. These doors should be solid, fireproof, lockable, and observable by physical security staff. One door is for entrance and the other one is for exit according to building fire code. Too many doors provide too many escape routes for an intruder that security staff cannot observe.

54. Which of the following is not one of the four legs of a fire?

a. Heat

b. Fuel

c. Oxygen

d. Smoke

54. d. Smoke is a byproduct of a fire whereas heat, fuel, oxygen, and chemical reaction are the four legs of a fire.

55. Where do you start when considering physical security protection for new computer facilities?

a. Front to back

b. Back to front

c. Outside in

d. Inside out
