
180. Which of the following is an example of a single point-of-failure?

a. Security administration

b. Single sign-on

c. Multiple passwords

d. Network changes

180. b. The single sign-on (SSO) system is an example of a single point-of-failure, where the risk is concentrated rather than diffused. If the sign-on system is compromised, the entire system is vulnerable.

The other three choices are examples of multiple points-of-failure, where many things can go wrong in many places by many individuals. Every time an employee is terminated or parts of the network are changed, the security administrator must deactivate all the employee’s passwords and reconfigure the network. Here, the risk is spread out, not concentrated.

181. Which of the following is an example of a second line-of-defense in attack recognition?

a. Firewall

b. Attack detection software

c. Password

d. Internal controls

181. b. A firewall, a password, and internal controls are first lines-of-defense against attacks and fraud. The firewall can be bypassed by a clever attacker using an Internet protocol (IP) spoof attack or by bypassing it completely and gaining access to the network directly through a modem. Because of the difficulty in configuring a firewall, a second line-of-defense is needed, and it is the attack detection software installed on either the host or the network. If an attack cannot be prevented, it must at least be detected.

The lines-of-defense are security mechanisms for limiting and controlling access to and use of computer system resources. They exercise a directing or restraining influence over the behavior of individuals and the content of computer systems. The lines-of-defense form a core part of a defense-in-depth strategy or security-in-depth strategy.

182. Which of the following physical security mechanisms provides a first line-of-defense for a data center?

a. Interior areas within a building

b. Exterior walls of a building

c. Perimeter barriers outside a building

d. Ceilings of a building

182. c. The perimeter barriers such as gates and guards, which are located at an outer edge of a property, provide a first line-of-defense. Exterior walls, ceilings, roofs, and floors of a building themselves provide a second line-of-defense. Interior areas within a building such as doors and windows provide a third line-of-defense. All these examples are physical security mechanisms. The first line-of-defense is always better than the other lines-of-defense due to cost, time, and effectiveness factors.

The lines-of-defense are security mechanisms for limiting and controlling access to and use of computer system resources. They exercise a directing or restraining influence over the behavior of individuals and the content of computer systems. The lines-of-defense form a core part of a defense-in-depth strategy or security-in-depth strategy.

183. Which of the following is the correct approach for an information system to separate user functionality from management functionality?

a. Application partitioning

b. Boundary protection

c. Security parameters

d. Controlled interfaces

183. a. Application partitioning means the information system physically or logically separates user interface services (e.g., public Web pages) from information system storage and management services (e.g., database management). Separation may be accomplished through the use of different computers, different CPUs, different instances of the operating system, different network addresses, or combinations of these or other methods.

Boundary protection is incorrect because it means controlling communications at the external boundary of an information system and at key internal boundaries within the system. The organization physically allocates publicly accessible information system components (e.g., public Web servers) to separate sub-networks with separate, physical network interfaces.

Security parameters are incorrect because they include security labels and markings, which are associated with information exchanged between information systems.

Controlled interfaces are incorrect because they include devices such as proxies, gateways, routers, firewalls, and encrypted tunnels that provide controlled interfaces to the Internet or external networks.

184. From a security policy viewpoint, a survivable system should be built based on a specific:

a. Hardware

b. Software

c. Architecture

d. Vendor

184. c. An architecture-based approach should be taken to achieve survivability. That is, one should take an approach where design issues, rather than specific hardware or software products or vendors, are key to creating such a system.

185. Which of the following memory protection mechanisms can eliminate the possibility of malicious code insertion?

a. System partitioning

b. Nonmodifiable executable programs

c. Resource isolation

d. Domain separation

185. b. A nonmodifiable executable program is one that loads and executes the operating environment and application system from hardware-enforced, read-only media (e.g., CD-R/DVD-R disk drives). The term operating environment is defined as the code upon which application systems are hosted (e.g., a monitor, executive, operating system, or application system running directly on the hardware platform). Use of nonmodifiable storage ensures the integrity of the software program from the point of creation of the read-only image. It can eliminate the possibility of malicious code insertion via persistent, writeable storage.

System partitioning means breaking the system into components to reside in separate physical domains or environments as deemed necessary. Resource isolation is the containment of subjects and objects in a system in such a way that they are separated from one another. Domain separation relates to the mechanisms that protect objects in the system.

186. Which of the following provides organizations with the ability to disguise information systems and to reduce the likelihood of successful attacks without the cost of having multiple platforms?

a. Virtual computing

b. Virtual machine software

c. Virtualization technologies

d. Virtualized networking

186. c. Virtualization technologies provide organizations with the ability to disguise information systems, potentially reducing the likelihood of successful attacks without the cost of having multiple platforms. Although frequent changes to operating systems and application systems pose configuration management challenges, the changes result in an increased work factor for adversaries to carry out successful attacks. Changing the apparent operating system or application system, as opposed to the actual operating system or application system, results in virtual changes that still impede attacker success while helping to reduce the configuration management effort. To achieve this goal, organizations should employ randomness in the implementation of the virtualization technologies.

Many virtualization solutions allow more than one operating system to run on a single computer simultaneously, each appearing as if it were a real computer. This has become popular recently because it allows organizations to make more effective use of computer hardware. Most of these types of virtualization systems include virtualized networking, which allows the multiple operating systems to communicate as if they were on standard Ethernet, even though there is no actual networking hardware.