CISSP PRACTICE QUESTIONS – 20220125

Effective CISSP Questions

On August 20, 1998, NIST announced a group of fifteen AES candidate algorithms at the First AES Candidate Conference (AES1) and selected five algorithms from the fifteen as “AES finalists” in Round 2 (AES2). Which of the following is least considered in the NIST cryptographic standard selection process? (Wentz QOTD)
A. Kerckhoffs’s principle
B. Open design
C. Work factor
D. Locard’s principle of exchange


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Locard’s principle of exchange.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security, a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.

Locard’s Principle of Exchange

“In forensic science, Locard’s principle holds that the perpetrator of a crime will bring something into the crime scene and leave with something from it, and that both can be used as forensic evidence. Dr. Edmond Locard (1877–1966) was a pioneer in forensic science who became known as the Sherlock Holmes of Lyon, France.” (Wikipedia)

Advanced Encryption Standard Process

“The Advanced Encryption Standard (AES), the symmetric block cipher ratified as a standard by National Institute of Standards and Technology of the United States (NIST), was chosen using a process lasting from 1997 to 2000 that was markedly more open and transparent than its predecessor, the Data Encryption Standard (DES). This process won praise from the open cryptographic community, and helped to increase confidence in the security of the winning algorithm from those who were suspicious of backdoors in the predecessor, DES.” (Wikipedia)

Kerckhoffs’s Principle
Architectural and Design Principles
Taxonomy of Security Design Principles



