tailieunhanh - The CISSP Prep Guide, Second Edition Mastering the CISSP and ISSEP Exams phần 8

Những tiền đề cơ bản của cải tiến quy trình là chất lượng của dịch vụ sản xuất là một chức năng trực tiếp của chất lượng của các Phần II ✦ Các thông tin hệ thống an ninh kỹ thuật chuyên nghiệp (ISSEP) tập trung PA22 Phối hợp với nhà cung cấp | 708 Part III Appendices 30. Random access memory is a. Non-volatile b. Sequentially addressable c. Programmed by using fusible links d. Volatile Answer d The correct answer is d. RAM is volatile. The other answers are incorrect because RAM is volatile randomly accessible and not programmed by fusible links. 31. In the National Information Assurance Certification and Accreditation Process NIACAP a type accreditation performs which one of the following functions a. Evaluates a major application or general support system b. Verifies the evolving or modified system s compliance with the information agreed on in the System Security Authorization Agreement SSAA c. Evaluates an application or system that is distributed to a number of different locations d. Evaluates the applications and systems at a specific self-contained location Answer c Answer a is the NIACAP system accreditation. Answer b is the Phase 2 or Verification phase of the Defense Information Technology Security Certification and Accreditation Process DITSCAP . The objective is to use the SSAA to establish an evolving yet binding agreement on the level of security required before the system development begins or changes to a system are made. After accreditation the SSAA becomes the baseline security configuration document. Answer d is the NIACAP site accreditation. 32. Processes are placed in a ring structure according to a. Least privilege b. Separation of duty c. Owner classification d. First in first out Answer a The correct answer is a. A process is placed in the ring that gives it the minimum privileges necessary to perform its functions. Appendix A Answers to Assessment Questions 709 33. The MULTICS operating system is a classic example of a. An open system b. Object orientation c. Database security d. Ring protection system Answer d The correct answer is d. Multics is based on the ring protection architecture. 34. What are the hardware firmware and software elements of a Trusted Computing Base TCB .