CISSP PRACTICE QUESTIONS – 20220226

Effective CISSP Questions

Which one of the following is not a security function of a trusted computer system? (Wentz QOTD)
A. To dump memory to the storage and shut down if a problem occurs
B. To require a user to press the Ctrl+Alt+Del key combination to activate the log-on screen
C. To limit information exchange through unused slack space in the storage
D. To grant authorization per the data owner’s discretion


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. To limit information exchange through unused slack space in the storage.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

Trusted Computer System

Slack space in the storage is commonly used to implement a covert storage channel. To limit information exchange through unused slack space in the storage results in a covert storage channel.

A trusted computer system comprises non-security mechanisms and protection mechanisms. The Trusted Computing Base (TCB) of the trusted computer system refers to the “totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination responsible for enforcing a security policy.” (NIST Glossary)

  • To dump memory to the storage and shut down if a problem occurs is a feature of Trusted Recovery.
  • To require a user to press the Ctrl+Alt+Del key combination to activate the log-on screen refers to the security function Trusted Path.
  • To grant authorization per the data owner’s discretion is also known as Discretionary Access Control (DAC).
Security Kernel



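Which one of the following is not a security function of a trusted computer system? (Wentz QOTD)
A. To dump memory to the storage device and shut down if a problem occurs
B. To require the user to press the Ctrl+Alt+Del key combination to activate the log-on screen
C. To limit information exchange through unused slack space in the storage device
D. To grant authorization at the data owner's discretion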
