Monday, June 18, 2018

DBMS

There are four structural types of database management systems:
  • Hierarchical databases.
  • Network databases.
  • Relational databases.
  • Object-oriented databases.

CISSP Domains

(ISC)²'s CISSP exam covers 8 domains in 2018:
  • Security and Risk Management.
  • Asset Security.
  • Security Engineering.
  • Communications & Network Security.
  • Identity & Access Management.
  • Security Assessment & Testing.
  • Security Operations.
  • Software Development Security.

Monday, June 11, 2018

Sample Questions

1. Which of the following ensures that the application’s hardware remains highly available?
a. Disk Mirroring
b. Clustering
c. RAI
d. RAIT
2. What is the advantage of digital signatures over message authentication codes?
a. Digital signature provides integrity verification while message authentication code cannot
b. Digital signature provides confidentiality while message authentication code cannot
c. Digital signature provides authenticity while message authentication code cannot
d. Digital signature works faster than message authentication codes
3. What is not secured in end-to-end encryption?
a. Packet payload
b. Public key
c. Packet header
d. Private key
4. When due diligence and due care are observed, it is said to be:
a. Prudent person rule
b. Proactive approach
c. Negligence
d. Reactive approach
5. Which of the following algorithms can be used for Kerberos encryption?
a. DSA
b. RSA
c. DES
d. ECC
6. Which of the following provides isolation between subjects and objects?
a. Reference monitor kernel
b. Security monitor kernel
c. Trusted computing base
d. Security kernel
7. What is the purpose of using Secure Hash Algorithm in virtual private networks?
a. Authentication
b. Key validation
c. Integrity
d. Encryption
8. Which of the following documents has optional statements?
a. Policy
b. Regulation
c. Baseline
d. Guideline
9. Which of the following glass types would you use for windows opening at street level?
a. Tempered glass
b. Wired glass
c. Laminated glass
d. Bullet resistant glass
10. If an IDS runs a script on a firewall to block an attacking address, what type of control is it?
a. Corrective
b. Preventive
c. Detective
d. Compensating

Questions Links

Sunday, June 10, 2018

Kerberos

Kerberos can use a variety of cipher algorithms to protect data. A Kerberos encryption type (also known as an enctype) is a specific combination of a cipher algorithm with an integrity algorithm to provide both confidentiality and integrity to data.





The Data Encryption Standard (DES) cipher can be used in combination with Kerberos, but is no longer an Internet standard because it is weak. Security vulnerabilities exist in many legacy products that implement Kerberos because they have not been updated to use newer ciphers like AES instead of DES.
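
As an added example (not part of the original post), the check below reads a krb5.conf and reports where single-DES enctypes are still allowed, showing each enctype as its cipher plus integrity algorithm. The setting and enctype names are those used by MIT krb5; the file content and realm are constructed for illustration.

```python
import re

# Enctype name -> (cipher, integrity algorithm), using MIT krb5 enctype names.
ENCTYPES = {
    "des": ("DES-CBC", "any (family alias)"),
    "des-cbc-crc": ("DES-CBC", "CRC-32"),
    "des-cbc-md4": ("DES-CBC", "MD4"),
    "des-cbc-md5": ("DES-CBC", "MD5"),
    "aes128-cts-hmac-sha1-96": ("AES-128-CTS", "HMAC-SHA1-96"),
    "aes256-cts-hmac-sha1-96": ("AES-256-CTS", "HMAC-SHA1-96"),
}
ENCTYPE_KEYS = {"permitted_enctypes", "default_tkt_enctypes", "default_tgs_enctypes"}
TRUE_VALUES = {"true", "yes", "y", "t", "1", "on"}

# Constructed sample configuration (not taken from a real system).
SAMPLE_KRB5_CONF = """\
[libdefaults]
    default_realm = EXAMPLE.TEST
    allow_weak_crypto = true
    permitted_enctypes = aes256-cts-hmac-sha1-96 des-cbc-md5 des-cbc-crc
    default_tkt_enctypes = aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96
"""


def audit_krb5_conf(text):
    """Return (line number, setting, value, reason) for each DES-related finding."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        # Skip comments, section headers and anything that is not key = value.
        if line.startswith(("#", ";")) or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "allow_weak_crypto" and value.lower() in TRUE_VALUES:
            findings.append((lineno, key, value, "weak enctypes enabled"))
        elif key in ENCTYPE_KEYS:
            # Enctype lists may be separated by spaces or commas.
            for name in re.split(r"[,\s]+", value):
                cipher, integrity = ENCTYPES.get(name.lower(), ("?", "?"))
                if cipher.startswith("DES-"):
                    findings.append((lineno, key, name, f"{cipher} with {integrity}"))
    return findings


if __name__ == "__main__":
    for finding in audit_krb5_conf(SAMPLE_KRB5_CONF):
        print("line %d: %s -> %s (%s)" % finding)
```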

What is CISSP

Certified Information Systems Security Professional (CISSP) is an independent information security certification granted by the International Information System Security Certification Consortium, also known as (ISC)².