1. Главная
  2. Книги
  3. Vallabhaneni S. Rao
  4. CISSP Practice
  5. Страница 214
Выбрать главу

Note that one does not need to complete all these methods, but can stop after any specific method and after reaching the final goal based on the sensitivity and criticality of data on the disk.

109. Who initiates audit trails in computer systems?

a. Functional users

b. System auditors

c. System administrators

d. Security administrators

109. a. Functional users have the utmost responsibility in initiating audit trails in their computer systems for tracing and accountability purposes. Systems and security administrators help in designing and developing these audit trails. System auditors review the adequacy and completeness of audit trails and issue an opinion whether they are effectively working. Auditors do not initiate, design, or develop audit trails due to their independence in attitude and appearance as dictated by their Professional Standards.

110. The automatic termination and protection of programs when a failure is detected in a computer system are called a:

a. Fail-safe

b. Fail-soft

c. Fail-over

d. Fail-open

110. a. The automatic termination and protection of programs when a failure is detected in a computer system is called fail-safe. The selective termination of affected nonessential processing when a failure is detected in a computer system is called a fail-soft. Fail-over means switching to a backup mechanism. Fail-open means that a program has failed to open due to errors or failures.

111. An inexpensive security measure is which of the following?

a. Firewalls

b. Intrusion detection

c. Audit trails

d. Access controls

111. c. Audit trails provide one of the best and most inexpensive means for tracking possible hacker attacks, not only after attack, but also during the attack. You can learn what the attacker did to enter a computer system, and what he did after entering the system. Audit trails also detect unauthorized but abusive user activity. Firewalls, intrusion detection systems, and access controls are expensive when compared to audit trails.

112. What is the residual physical representation of data that has been in some way erased called?

a. Clearing

b. Purging

c. Data remanence

d. Destruction

112. c. Data remanence is the residual physical representation of data that has been in some way erased. After storage media is erased, there may be some physical characteristics that allow the data to be reconstructed, which represents a security threat. Clearing, purging, and destruction are all risks involved in storage media. In clearing and purging, data is removed, but the media can be reused. The need for destruction arises when the media reaches the end of its useful life.

113. Which of the following methods used to safeguard against disclosure of sensitive information is effective?

a. Degaussing

b. Overwriting

c. Encryption

d. Destruction

113. c. Encryption makes the data unreadable without the proper decryption key. Degaussing is a process whereby the magnetic media is erased, i.e., returned to its initial virgin state. Overwriting is a process whereby unclassified data are written to storage locations that previously held sensitive data. The need for destruction arises when the media reaches the end of its useful life.

114. Magnetic storage media sanitization is important to protect sensitive information. Which of the following is not a general method of purging magnetic storage media?

a. Overwriting

b. Clearing

c. Degaussing

d. Destruction

114. b. The removal of information from a storage medium such as a hard disk or tape is called sanitization. Different kinds of sanitization provide different levels of protection. Clearing information means rendering it unrecoverable by keyboard attack, with the data remaining on the storage media. There are three general methods of purging magnetic storage media: overwriting, degaussing, and destruction. Overwriting means obliterating recorded data by writing different data on the same storage surface. Degaussing means applying a variable, alternating current fields for the purpose of demagnetizing magnetic recording media, usually tapes. Destruction means damaging the contents of magnetic media through shredding, burning, or applying chemicals.

115. Which of the following redundant array of independent disks (RAID) technology classifications increases disk overhead?

a. RAID-1

b. RAID-2

c. RAID-3

d. RAID-4

115. a. Disk array technology uses several disks in a single logical subsystem. To reduce or eliminate downtime from disk failure, database servers may employ disk shadowing or data mirroring. A disk shadowing, or RAID-1, subsystem includes two physical disks. User data is written to both disks at once. If one disk fails, all the data is immediately available from the other disk. Disk shadowing incurs some performance overhead (during write operations) and increases the cost of the disk subsystem because two disks are required. RAID levels 2 through 4 are more complicated than RAID-1. Each involves storage of data and error correction code information, rather than a shadow copy. Because the error correction data requires less space than the data, the subsystems have lower disk overhead.

116. Indicate the correct sequence of degaussing procedures for magnetic disk files.

1. Write zeros

2. Write a special character

3. Write ones

4. Write nines

a. 1, 3, and 2

b. 3, 1, 4, and 2

c. 2, 1, 4, and 3

d. 1, 2, 3, and 4

116. a. Disk files can be demagnetized by overwriting three times with zeros, ones, and a special character, in that order, so that sensitive information is completely deleted.

117. Which of the following is the best control to prevent a new user from accessing unauthorized file contents when a newly recorded file is shorter than those previously written to a computer tape?

a. Degaussing

b. Cleaning

c. Certifying

d. Overflowing

117. a. If the new file is shorter than the old file, the new user could have open access to the existing file. Degaussing is best used under these conditions and is considered a sound and safe practice. Tape cleaning functions are to clean and then to properly wind and create tension in the computer magnetic tape. Recorded tapes are normally not erased during the cleaning process. Tape certification is performed to detect, count, and locate tape errors and then, if possible, repair the underlying defects so that the tape can be placed back into active status. Overflowing has nothing to do with computer tape contents. Overflowing is a memory or file size issue where contents could be lost due to size limitations.

~ 214 ~