Preview Mode Links will not work in preview mode

Reduce Cyber Risk Podcast: "CISSP Training Made Simple"


Jul 13, 2020

Subscribe: iTunes | Goggle Play | Stitcher Radio | RSS

Description:

Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career.  Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity. 

Shon will provide CISSP study and training for passing the CISSP Exam the first time

BTW - Get access to all my Free Content and CISSP Training Courses here at:  https://shongerber.com/

Available Courses: 

 

CISSP Exam Questions

Question:  168

Sarah’s team must build a new operating system for her company’s internal functionality requirements. The system must be able to process data at different classifications levels and allow users of different clearances to be able to interact with only the data that maps to their profile. She is told that the system must provide data hiding, and her boss suggests that her team implement a hybrid microkernel design. Sarah knows that the resulting system must be able to achieve a rating of EAL 6 once it goes through the Common Criteria evaluation process.

Which of the following is a characteristic that this new system will need to implement?
A. Multiprogramming
B. Simple integrity axiom
C. Mandatory access control
D. Formal verification

 

  1. Since the new system must achieve a rating of EAL 6, it must implement mandatory access control capabilities. This is an access control model that allows users with different clearances to be able to interact with a system that processes data of different classification levels in a secure manner. The rating of EAL 6 requires semiformally verified design and testing, whereas EAL 7 requires verified design and testing.

https://www.brainscape.com/subjects/cissp-domains

------------------------------------

Question:  169

Sarah’s team must build a new operating system for her company’s internal functionality requirements. The system must be able to process data at different classifications levels and allow users of different clearances to be able to interact with only the data that maps to their profile. She is told that the system must provide data hiding, and her boss suggests that her team implement a hybrid microkernel design. Sarah knows that the resulting system must be able to achieve a rating of EAL 6 once it goes through the Common Criteria evaluation process.

Which of the following reasons best describes her boss’s suggestion on the kernel design of the new system?
A. Hardware layer abstraction for portability capability
B. Layered functionality structure
C. Reduced mode transition requirements
D. Central location of all critical operating system processes

  1. A hybrid microkernel architecture means that all kernel processes work within kernel mode, which reduces the amount of mode transitions. The reduction of mode transitions reduces performance issues because the CPU does not have to change from user mode to kernel mode as many times during its operation.

https://www.brainscape.com/subjects/cissp-domains

------------------------------------

Question:  170

Sarah’s team must build a new operating system for her company’s internal functionality requirements. The system must be able to process data at different classifications levels and allow users of different clearances to be able to interact with only the data that maps to their profile. She is told that the system must provide data hiding, and her boss suggests that her team implement a hybrid microkernel design. Sarah knows that the resulting system must be able to achieve a rating of EAL 6 once it goes through the Common Criteria evaluation process.

Which of the following is a required characteristic of the system Sarah’s team must build?
A. Multilevel security
B. Dedicated mode capability
C. Simple security rule
D. Clark-Wilson constructs

  1. A multilevel security system allows for data at different classification levels to be processed and allows users with different clearance levels to interact with the system securely.

https://www.brainscape.com/subjects/cissp-domains

Want to find Shon elsewhere on the internet?

LinkedIn – www.linkedin.com/in/shongerber

Facebook - https://www.facebook.com/CyberRiskReduced/

LINKS: