CISSP PRACTICE QUESTIONS – 20201014

Effective CISSP Questions

As a developer, you want to connect to a remote code repository using SSH. Which of the following is least likely to happen?
A. Install your public key on the remote code repository.
B. Generate a public and private key pair on your own.
C. Open the TCP port 22 on your development environment.
D. Input your password to log in.


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. Open the TCP port 22 on your development environment.

Authentication

SSH typically supports password authentication and public key authentication. If you decide to use public key authentication, you can generate the asymmetric key pair using a key generator or other utilities, e.g., ssh-keygen.

  • The private key shall be kept secret and never shared with others, e.g., the remote code repository server/service. It is used by your local SSH agent to authenticate to the remote code repository service.
  • The public key is intended for sharing with others. You should install it on the remote code repository.

Development Environment

The remote code repository service, typically managed by a specific administrator instead of developers, is part of the holistic development environment. However, “your” development environment is limited to your PC, laptop, IDE, etc. As a developer, you cannot change the configurations of the remote code repository unless you are the administrator.

The SSH service listens on TCP or UDP port 22, while your SSH agent on your PC or laptop uses a dynamic port assigned by the operating system. As a result, you don’t have to open TCP port 22 on your local machine or “your” development environment.
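The port behaviour described above can be observed on loopback. This is an added example, not part of the original post: the listener is a constructed stand-in for the remote repository's SSH service (bound to an OS-assigned port instead of 22 so no privileges are needed), and the function name and banner string are hypothetical.

```python
import socket
import threading


def observe_ssh_style_connection():
    """Connect a 'developer' client to a stand-in 'repository' listener."""
    # Stand-in for the remote SSH service. The real service listens on
    # port 22; an OS-assigned port is used here (assumption for the demo).
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))
    server.listen(1)
    server_port = server.getsockname()[1]
    seen = {}

    def serve_once():
        conn, peer = server.accept()
        seen["port"] = peer[1]  # source port as the server sees it
        conn.sendall(b"SSH-2.0-ExampleRepo\r\n")  # constructed banner
        conn.close()

    worker = threading.Thread(target=serve_once)
    worker.start()
    # Developer side: an outbound connection only. No bind(), no listen().
    client = socket.create_connection(("127.0.0.1", server_port), timeout=5)
    client_port = client.getsockname()[1]  # dynamic port chosen by the OS
    banner = client.recv(64)
    worker.join()
    # Probe the client's source port from a separately bound socket: nothing
    # listens there, so an inbound connection attempt is not accepted.
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.settimeout(5)
    probe.bind(("127.0.0.1", 0))
    try:
        probe.connect(("127.0.0.1", client_port))
        inbound_accepted = True
    except OSError:
        inbound_accepted = False
    finally:
        probe.close()
        client.close()
        server.close()
    return {"server_port": server_port, "client_port": client_port,
            "client_port_seen_by_server": seen["port"],
            "banner": banner, "inbound_accepted": inbound_accepted}


if __name__ == "__main__":
    print(observe_ssh_style_connection())
```

Only the service side ever calls `listen()`; the developer's side needs outbound reachability to the service port and nothing inbound.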

