CISSP PRACTICE QUESTIONS – 20191214

Effective CISSP Questions

Your company decides to start the business of selling toys online and shipping globally. A software development team in-house is in charge of developing a web-based E-Commerce system that supports the new business. You are assigned as the project manager of the software development project. Which of the following artifact is the source of authority for your assignment?
A. Master project management plan
B. Project charter
C. Software development policy
D. Business case

Continue reading

SPML, SAML, and XACML

SPML, SAML, and XACML

  • SPML helps streamline the provisioning process.
  • SAML facilitates federated identity and single sign-on. (The sequence diagram is highly simplified. The HTTP methods and redirections are not depicted. Pls refer to SAML specification for details.)
  • XACML enables attribute-based access control.
These three XML-based protocols are proposed by OASIS. They are a good fit to integrate solutions across vendors or build the extranet.

CISSP PRACTICE QUESTIONS – 20191213

Effective CISSP Questions

Your company decides to start the business of selling toys online and shipping globally. A team in-house is in charge of developing a web-based E-Commerce system that supports the new business. The team is evaluating the authentication solution. Which of the following is the least feasible?
A. Use the ‘Basic’ HTTP authentication encoded with Base64 but not encrypted
B. Use HTTP Digest access authentication that relies on browser implementation
C. Implement Kerberos to protect passwords and facilitate single sign-on (SSO)
D. Develop a proprietary mechanism by sending an HTML form via HTTP POST in clear text

Continue reading