08/02/2025 14:19:37
CISSP 2024 STUDY PREP
What is due care?
Due care is about doing the right things to protect data and systems.
(Implementation)
What is due diligence?
Due diligence is about continuously monitoring and improving the organization's
security posture and compliance status. (Maintenance)
What is a state table for a firewall?
A state table is used by the firewall to track the state and context of each packet in a
session of communication between devices across the firewall.
What is pairwise testing?
Definition:
- Pairwise testing is a black-box test design technique that aims to achieve maximum
test coverage while minimizing the number of test cases.
- It focuses on testing all possible discrete combinations of each pair of input
parameters in a system or application.
- The technique is particularly useful when dealing with applications involving
multiple parameters.
How It Works:
- Consider an application with various input parameters (e.g., car ordering
application variables).
- Instead of exhaustively testing all possible combinations, pairwise testing selects a
subset of combinations that covers every pair of input parameters.
- By doing so, it efficiently explores the interactions between parameters without
overwhelming the testing process.
What is combinatorial testing?
Definition:
- Combinatorial testing involves using multiple combinations of input parameters to
test a software application.
- The primary goal is to ensure that the software can handle various combinations of
test data as input parameters and configuration options.
Why It Matters:
- Imagine an application with several input parameters (e.g., car ordering system
variables).
- Instead of exhaustively testing every combination, combinatorial testing selects a
representative subset that covers critical interactions.
- This approach achieves maximum test coverage while minimizing the number of
test cases.
What is a reference monitor?
Definition:
- A reference monitor defines a set of design requirements for a reference validation
mechanism within an operating system.
- Its primary role is to enforce an access control policy over subjects (such as
processes and users) regarding their ability to perform operations (like reading and
writing) on objects (such as files and sockets) within the system.
What is a nonce in cryptography?
A cryptographic nonce is an arbitrary number used just once in a cryptographic
communication.
It's often a random or pseudo-random value issued during authentication to prevent
replay attacks.
Think of it as a unique, disposable token that ensures old communications can't be
reused maliciously.
What are the primary limitations of the Bell-LaPadula model?
Confidentiality Only: The BLP model primarily focuses on data confidentiality. It does
not address other security goals such as integrity or authentication.
No Method for Classification Management: The BLP model assumes that all data are
assigned a classification and that this classification will never change. However,
in real-world scenarios, data classifications can evolve over time, and the model
lacks mechanisms to handle such changes.
Limited to Confidentiality: While the BLP model ensures strong confidentiality, it does
not deal with information flow through covert channels or address integrity concerns.
What are biometric type I errors?
Type I Error (False Positive):
A type I error occurs when a biometric system incorrectly rejects a valid user who
should have been accepted.
Imagine someone trying to unlock their phone using fingerprint recognition. If the
system mistakenly rejects them even though their fingerprint matches the authorized
data, that's a type I error.
Common scenarios for type I errors include:
- A person has a cut on their finger, affecting fingerprint recognition.
- An individual loses their voice temporarily due to a cold, impacting voice recognition.
What are biometric type II errors?
Type II Error (False Negative):
A type II error occurs when a biometric system fails to reject an unauthorized user
who should have been denied access.
Imagine a scenario where someone tries to unlock their phone using fingerprint
recognition. If the system mistakenly accepts an unauthorized fingerprint as valid,
that's a type II error.
Common situations for type II errors include:
- An unauthorized person bypassing facial recognition and gaining access to a secure area.
- A voice recognition system allowing an impostor to use someone else's voice.
What layers make up the TCP/IP model?
Application Layer:
- This layer deals with network applications and their interactions.
- It is responsible for generating data and requesting connections.
- Examples of protocols at this layer include HTTP, SMTP, and FTP.
Transport Layer (TCP/UDP):
- The transport layer ensures end-to-end communication between devices.