CISSP PRACTICE QUESTIONS – 20200717

Effective CISSP Questions

You are developing a network access control (NAC) solution to prevent unauthorized hosts from connecting to the network. To enforce authorized access, the solution maintains an authorization database of IP-MAC mappings and responds to ARP broadcasts from unauthorized hosts with the MAC of a captive portal as the destination. Which of the following is most likely used for the solution to redirect the unauthorized hosts to the captive portal? (Source: Wentz QOTD)
A. Spoofing
B. Layering
C. Encapsulation
D. Compromise recording


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. Spoofing.

Architectural and Design Principles

This is a project I engaged in years ago. A device of the NAC solution spoofed ARP responses to unauthorized hosts so that they are redirected to the spoofed destination, the captive portal. I don’t think it’s a good idea for security products to interfere with normal protocol operations, but we were awarded the project that works this way:)

Layering

Layering is an architectural design principle to logically separate concerns. On the other hand, tiering refers to the physical separation of components in a solution deployment model. Layering, in the area of security, may refer to layered defense.

Encapsulation

Encapsulation is a design principle to limit direct access to certain resources. Instead, an interface to the resources is required to get access to them. It’s common for people to relate information hiding to encapsulation.

Compromise Recording

“Compromise recording: It is sometimes suggested that mechanisms that reliably record that a compromise of information has occurred can be used in place of more elaborate mechanisms that completely prevent loss.” (Wikipedia)

Reference


A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and informative reference for security professionals.

 

Leave a Reply