
Quick Tips

  • If an application fails for any reason, it should go directly to a secure state.

  • A database management system (DBMS) is the software that controls the access restrictions, data integrity, redundancy, and the different types of manipulation available for a database.

  • In relational database terminology, a database row is called a tuple.

  • A database primary key is how a specific row is located from other parts of the database.

  • A view is an access control mechanism used in databases to ensure that only authorized subjects can access sensitive information.

  • A relational database uses two-dimensional tables with rows (tuples) and columns (attributes).

  • A hierarchical database uses a tree-like structure to define relationships between data elements, using a parent/child relationship.

  • Most databases have a data definition language (DDL), a data manipulation language (DML), a query language (QL), and a report generator.

  • A data dictionary is a central repository that describes the data elements within a database and their relationships. A data dictionary contains data about a database, which is called metadata.

  • Database integrity is provided by concurrency mechanisms. One concurrency control is locking, which prevents users from accessing and modifying data being used by someone else.

  • Entity integrity makes sure that a row, or tuple, is uniquely identified by a primary key, and referential integrity ensures that every foreign key refers to an existing primary key.

  • A rollback cancels changes and returns the database to its previous state. This takes place if there is a problem during a transaction.

  • A commit statement terminates a transaction and saves all changes to the database.

  • A checkpoint is used if there is a system failure or problem during a transaction. The user is then returned to the state of the last checkpoint.

  • Aggregation can happen if a user does not have access to a group of elements, but has access to some of the individual elements within the group. Aggregation happens if the user combines the information of these individual elements and figures out the information of the group of data elements, which is at a higher sensitivity level.

  • Inference is the capability to derive information that is not explicitly available.

  • Common attempts to prevent inference attacks are partitioning the database, cell suppression, and adding noise to the database.

  • Polyinstantiation is the process of allowing a table to have multiple rows with the same primary key. The different instances can be distinguished by their security levels or classifications.

  • Polymorphism is when different objects are given the same input and react differently.

  • The two largest security problems associated with database security are inference and aggregation.

  • Data warehousing combines data from multiple databases and data sources.

  • Data mining is the process of massaging data held within a data warehouse to provide more useful information to users.

  • Data-mining tools produce metadata, which can contain previously unseen relationships and patterns.

  • Security should be addressed in each phase of system development. It should not be addressed only at the end of development, because of the added cost, time, and effort and the lack of functionality.

  • Systems and applications can use different development models that utilize different life cycles, but all models contain project initiation, functional design analysis and planning, system design specifications, software development, installation, operations and maintenance, and disposal in some form or fashion.

  • Risk management and assessments should start at the beginning of a project and continue throughout the lifetime of the product.

  • If proper design for a product is not put into place in the beginning, more effort will have to take place in the implementation, testing, and maintenance phases.

  • Separation of duties should be practiced in roles, environments, and functionality pertaining to the development of a product.

  • A programmer should not have direct access to code in production. This is an example of separation of duties.

  • Certification deals with testing and assessing the security mechanism in a system, while accreditation pertains to management formally accepting the system and its associated risk.

  • Change control needs to be put in place at the beginning of a project and must be enforced through each phase.

  • Changes must be authorized, tested, and recorded. The changes must not affect the security level of the system or its capability to enforce the security policy.

  • Iterative development is a software development method that follows a cyclic approach to software development.

  • Waterfall development is a software development method that is a classical method using discrete phases of development that require formal reviews and documentation before moving into the next phase of the project.

  • Spiral development is a software development method that builds upon the waterfall method with an emphasis on risk analysis, prototypes, and simulations at different phases of the development cycle. This method periodically revisits previous stages to update and verify design requirements.

  • Security testing is a comprehensive analysis technique that tests programs under artificially created attack scenarios.

  • High-level programming languages are translated into machine languages for the system and its processor to understand.

  • Source code is translated into machine code, or object code, by compilers, assemblers, and interpreters.

  • Object-oriented programming provides modularity, reusability, and more granular control within the programs themselves.

  • Objects are members, or instances, of classes. The classes dictate the objects’ data types, structure, and acceptable actions.

  • Objects communicate with each other through messages.

  • A method is functionality that an object can carry out.

  • Data and operations internal to objects are hidden from other objects, which is referred to as data hiding. Each object encapsulates its data and processes.

  • Objects can communicate properly because they use standard interfaces.

  • Object-oriented design represents a real-world problem and modularizes the problem into cooperating objects that work together to solve the problem.

  • If an object does not require much interaction with other modules, it has low coupling.

  • The best programming design enables objects to be as independent and modular as possible; therefore, the higher the cohesion and the lower the coupling, the better.

  • An object request broker (ORB) manages communications between objects and enables them to interact in a heterogeneous and distributed environment.

  • Common Object Request Broker Architecture (CORBA) provides a standardized way for objects within different applications, platforms, and environments to communicate. It accomplishes this by providing standards for interfaces between objects.

  • Component Object Model (COM) provides an architecture for components to interact on a local system. Distributed COM (DCOM) uses the same interfaces as COM, but enables components to interact over a distributed, or networked, environment.

  • Open Database Connectivity (ODBC) enables several different applications to communicate with several different types of databases by calling the required driver and passing data through that driver.

  • Object linking and embedding (OLE) enables a program to call another program (linking) and permits a piece of data to be inserted inside another program or document (embedding).

  • Dynamic Data Exchange (DDE) enables applications to work in a client/server model by providing the interprocess communication (IPC) mechanism.

  • Distributed Computing Environment (DCE) provides much of the same functionality as DCOM, which enables different objects to communicate in a networked environment.

  • DCE uses universal unique identifiers (UUIDs) to keep track of different subjects, objects, and resources.

  • An expert system uses a knowledge base full of facts, rules of thumb, and expert advice. It also has an inference machine that matches facts against patterns and determines which rules are to be applied.

  • Expert systems are used to mimic human reasoning and replace human experts.

  • Expert systems use inference engine processing, automatic logical processing, and general methods of searching for problem solutions.

  • Artificial neural networks (ANNs) attempt to mimic a brain by using units that react like neurons.

  • ANNs can learn from experiences and can match patterns that regular programs and systems cannot.

  • Java security employs a sandbox so the applet is restricted from accessing the user’s hard drive or system resources. Programmers have figured out how to write applets that escape the sandbox.

  • ActiveX uses a security scheme that includes digital signatures. The browser security settings determine how ActiveX controls are dealt with.

  • SOAP allows programs created with different programming languages and running on different operating systems to interact without compatibility issues.

  • A virus is an application that requires a host application for replication.

  • Macro viruses are common because the languages used to develop macros are easy to use, and because these viruses infect Office products, which are everywhere.

  • A boot sector virus overwrites data in the boot sector and can contain the rest of the virus in a sector it marks as “bad.”

  • A stealth virus hides its tracks and its actions.

  • A polymorphic virus tries to escape detection by making copies of itself and modifying the code and attributes of those copies.

  • Multipart viruses can have one part of the virus in the boot sector and another part of the virus on the hard drive.

  • A self-garbling virus tries to escape detection by changing, or garbling, its own code.

  • A worm does not require a host application to replicate.

  • A logic bomb executes a program when a predefined event takes place or when a specified date and time are reached.

  • A Trojan horse is a program that performs useful functionality and malicious functionality without the user knowing it.

  • Smurf and Fraggle are two examples of DoS attacks that take advantage of protocol flaws and use amplifying networks.

Questions

Please remember that these questions are formatted and asked in a certain way for a reason. Keep in mind that the CISSP exam is asking questions at a conceptual level. Questions may not always have the perfect answer, and the candidate is advised against always looking for the perfect answer. Instead, the candidate should look for the best answer in the list.


  
