
SSCP Dumps Questions With Valid Answers


DumpsPDF.com is a leader in providing the latest, up-to-date real SSCP dumps questions and answers as a PDF and an online test engine.


  • Total Questions: 1074
  • Last Update Date: 27-Jan-2025
  • Certification: SSCP
  • 96% Exam Success Rate
  • Verified Answers by Experts
  • 24/7 customer support

Getting Ready For SSCP Exam Could Never Have Been Easier!

You are in luck because we’ve got a solution to make sure passing System Security Certified Practitioner doesn’t cost you such grievance. SSCP Dumps are your key to making this tiresome task a lot easier. Worried about the SSCP Exam cost? Well, don’t be because DumpsPDF.com is offering ISC Questions Answers at a reasonable cost. Moreover, they come with a handsome discount.

Our SSCP Test Questions are exactly like the real exam questions. You can also get System Security Certified Practitioner test engine so you can make practice as well. The questions and answers are fully accurate. We prepare the tests according to the latest SSCP context. You can get the free ISC dumps demo if you are worried about it. We believe in offering our customers materials that uphold good results. We make sure you always have a strong foundation and a healthy knowledge to pass the System Security Certified Practitioner Exam.

Your Journey to A Successful Career Begins With DumpsPDF! After Passing SSCP


The System Security Certified Practitioner exam needs a lot of practice, time, and focus. If you are up for the challenge, we are ready to help you under the supervision of experts. We have been in this industry long enough to understand just what you need to pass your SSCP Exam.


SSCP Dumps PDF


You can rest easy with a confirmed opening to a better career if you have the SSCP skills. But that does not mean the journey will be easy. In fact, ISC exams are famous for being hard and complex. That is one of the reasons they have maintained a standard in the industry. That is also the reason most candidates seek out real System Security Certified Practitioner exam dumps to help them prepare for the exam. With so many fake and forged SSCP materials online, one finds himself hopeless. Before you lose hope, buy the latest ISC SSCP dumps Dumpspdf.com is offering. You can rely on them to get you to pass the SSCP certification on the first attempt. Together with the latest 2020 System Security Certified Practitioner exam dumps, we offer you handsome discounts and free updates for the initial 3 months of your purchase. Try the free SSCP demo now and find out if the product matches your requirements.
Sample Questions:

QUESTION 1:

What security principle is based on the division of job responsibilities - designed to prevent
fraud?

A. Mandatory Access Control
B. Separation of Duties
C. Information Systems Auditing
D. Concept of Least Privilege

Answer: B

QUESTION 2:


_____ is the authoritative entity which lists port assignments

A. IANA
B. ISSA
C. Network Solutions
D. Register.com
E. InterNIC

Answer: A

QUESTION 3:


Cable modems are less secure than DSL connections because cable modems are shared
with other subscribers?

A. True
B. False

Answer: B

QUESTION 4:


_____ is a file system that was poorly designed and has numerous security flaws.

A. NTS
B. RPC
C. TCP
D. NFS
E. None of the above

Answer: D

QUESTION 5:


Trend Analysis involves analyzing historical _____ files in order to look for patterns
of abuse or misuse.

Answer: Log files

SSCP Exam Dumps


1

Why Choose Us

3200 EXAM DUMPS

You can buy our SSCP braindumps PDF or online test engine with full confidence because we are providing you with updated ISC practice test files. You are going to get good grades in the exam with our real SSCP exam dumps. Our experts have reverified the answers to all System Security Certified Practitioner questions, so there is very little chance of any mistake.

2

Exam Passing Assurance

26500 SUCCESS STORIES

We are providing updated SSCP exam questions and answers, so you can prepare from this file and be confident in your real ISC exam. We keep updating our System Security Certified Practitioner dumps after some time with the latest changes as per the exams. So once you purchase, you can get 3 months of free SSCP updates and prepare well.

3

Tested and Approved

90 DAYS FREE UPDATES

We are providing all valid and updated ISC SSCP dumps. These question and answer dumps PDFs are created by SSCP certified professionals and rechecked for verification, so there is no chance of any mistake. Just get these ISC dumps and pass your System Security Certified Practitioner exam. Chat with a live support person to know more.

ISC SSCP Exam Sample Questions


Question # 1

Which security model is based on the military classification of data and people with
clearances?

A. Brewer-Nash model
B. Clark-Wilson model
C. Bell-LaPadula model
D. Biba model

Answer: C. Bell-LaPadula model


The Bell-LaPadula model is a confidentiality model for information security
based on the military classification of data, on people with clearances and data with a
classification or sensitivity model. The Biba, Clark-Wilson and Brewer-Nash models are
concerned with integrity.
Source: HARE, Chris, Security Architecture and Models, Area 6 CISSP Open Study Guide,
January 2002.





Question # 2

Related to information security, the prevention of the intentional or unintentional
unauthorized disclosure of contents is which of the following?

A. Confidentiality
B. Integrity
C. Availability
D. capability

Answer: A. Confidentiality


Confidentiality is the prevention of the intentional or unintentional
unauthorized disclosure of contents.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the
Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 60.





Question # 3

Which of the following is a cryptographic protocol and infrastructure developed to send
encrypted credit card numbers over the Internet?

A. Secure Electronic Transaction (SET)
B. MONDEX
C. Secure Shell (SSH-2)
D. Secure Hypertext Transfer Protocol (S-HTTP)

Answer: A. Secure Electronic Transaction (SET)


SET was developed by a consortium including Visa and MasterCard.
Source: Harris, Shon, CISSP All In One Exam Guide, pages 668-669.
Mondex is a smart card electronic cash system owned by MasterCard.
SSH-2 is a secure, efficient, and portable version of SSH (Secure Shell) which is a secure
replacement for telnet.
Secure HTTP is a secure message-oriented communications protocol designed for use in
conjunction with HTTP. It is designed to coexist with HTTP's messaging model and to be
easily integrated with HTTP applications.





Question # 4

Which of the following is an extension to Network Address Translation that permits multiple
devices providing services on a local area network (LAN) to be mapped to a single public
IP address?

A. IP Spoofing
B. IP subnetting
C. Port address translation
D. IP Distribution

Answer: C. Port address translation


Port Address Translation (PAT) is an extension to network address
translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped
to a single public IP address. The goal of PAT is to conserve IP addresses or to publish
multiple hosts with service to the internet while having only one single IP assigned on the
external side of your gateway.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP)
assigns a single IP address to the home network's router. When Computer X logs on the
Internet, the router assigns the client a port number, which is appended to the internal IP
address. This, in effect, gives Computer X a unique address. If Computer Z logs on the
Internet at the same time, the router assigns it the same local IP address with a different
port number. Although both computers are sharing the same public IP address and
accessing the Internet at the same time, the router knows exactly which computer to send
specific packets to because each computer has a unique internal address.
Port Address Translation is also called porting, port overloading, port-level multiplexed NAT
and single address NAT.
Shon Harris has the following example in her book: The company owns and uses only one public IP address for all systems that need to
communicate outside the internal network. How in the world could all computers use the
exact same IP address? Good question. Here’s an example: The NAT device has an IP
address of 127.50.41.3. When computer A needs to communicate with a system on the
Internet, the NAT device documents this computer’s private address and source port
number (10.10.44.3; port 43,887). The NAT device changes the IP address in the
computer’s packet header to 127.50.41.3, with the source port 40,000. When computer B
also needs to communicate with a system on the Internet, the NAT device documents the
private address and source port number (10.10.44.15; port 23,398) and changes the
header information to 127.50.41.3 with source port 40,001. So when a system responds to
computer A, the packet first goes to the NAT device, which looks up the port number
40,000 and sees that it maps to computer A’s real information. So the NAT device changes
the header information to address 10.10.44.3 and port 43,887 and sends it to computer A
for processing. A company can save a lot more money by using PAT, because the
company needs to buy only a few public IP addresses, which are used by all systems in the
network.
As mentioned on Wikipedia:
NAT is also known as Port Address Translation: it is a feature of a network device that
translates TCP or UDP communications made between hosts on a private network and hosts
on a public network. It allows a single public IP address to be used by many hosts on a private
network, which is usually a local area network (LAN).
NAT effectively hides all TCP/IP-level information about internal hosts from the Internet.
The following were all incorrect answers:
IP Spoofing - In computer networking, the term IP address spoofing or IP spoofing refers to
the creation of Internet Protocol (IP) packets with a forged source IP address, called
spoofing, with the purpose of concealing the identity of the sender or impersonating
another computing system.
Subnetting - Subnetting is a network design strategy that segregates a larger network into
smaller components. While connected through the larger network, each subnetwork or
subnet functions with a unique IP address. All systems that are assigned to a particular
subnet will share values that are common for both the subnet and for the network as a
whole.
A different approach to network construction can be thought of as subnetting in reverse.
Known as CIDR, or Classless Inter-Domain Routing, this approach also creates a series of subnetworks. Rather than dividing an existing network into small components, CIDR takes
smaller components and connects them into a larger network. This can often be the case
when a business is acquired by a larger corporation. Instead of doing away with the
network developed and used by the newly acquired business, the corporation chooses to
continue operating that network as a subsidiary or an added component of the
corporation’s network. In effect, the system of the purchased entity becomes a subnet of
the parent company's network.
IP Distribution - This is a generic term which could mean distribution of content over an IP
network or distribution of IP addresses within a company. Sometimes people will refer to
this as Internet Protocol address management (IPAM), which is a means of planning, tracking, and
managing the Internet Protocol address space used in a network. Most commonly, tools
such as DNS and DHCP are used in conjunction as integral functions of the IP address
management function, and true IPAM glues these point services together so that each is
aware of changes in the other (for instance DNS knowing of the IP address taken by a
client via DHCP, and updating itself accordingly). Additional functionality, such as
controlling reservations in DHCP as well as other data aggregation and reporting capability,
is also common. IPAM tools are increasingly important as new IPv6 networks are deployed
with larger address pools, different subnetting techniques, and more complex 128-bit
hexadecimal numbers which are not as easily human-readable as IPv4 addresses.
Reference(s) used for this question:
STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 1:
Understanding Firewalls.
Schneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition :
Telecommunications and Network Security, Page 350.
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (Kindle Locations
12765-12774). Telecommunications and Network Security, Page 604-606
http://searchnetworking.techtarget.com/definition/Port-Address-Translation-PAT
http://en.wikipedia.org/wiki/IP_address_spoofing
http://www.wisegeek.com/what-is-subnetting.htm
http://en.wikipedia.org/wiki/IP_address_management





Question # 5

Which of the following are the two MOST common implementations of Intrusion Detection
Systems?

A. Server-based and Host-based.
B. Network-based and Guest-based.
C. Network-based and Client-based.
D. Network-based and Host-based.

Answer: D. Network-based and Host-based.


The two most common implementations of Intrusion Detection are Network-based
and Host-based.
"IDS can be implemented as a network device, such as a router, switch, firewall, or
dedicated device monitoring traffic, typically referred to as network IDS (NIDS)."
"The [IDS] technology can also be incorporated into a host system (HIDS) to monitor a
single system for undesirable activities."
"A network intrusion detection system (NIDS) is a network device .... that monitors traffic
traversing the network segment for which it is integrated." Remember that NIDS are usually
passive in nature.
HIDS is the implementation of IDS capabilities at the host level. Its most significant
difference from NIDS is that related processes are limited to the boundaries of a single-host
system. However, this presents advantages in effectively detecting objectionable activities
because the IDS process is running directly on the host system, not just observing it from
the network.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third
Edition ((ISC)2 Press) (Kindle Locations 3649-3652). Auerbach Publications. Kindle
Edition.




Helping People Grow Their Careers

1. Updated SSCP Exam Dumps Questions
2. Free SSCP Updates for 90 days
3. 24/7 Customer Support
4. 96% Exam Success Rate
5. SSCP ISC Dumps PDF Questions & Answers are Compiled by Certification Experts
6. SSCP Dumps Questions Just Like on the Real Exam Environment
7. Live Support Available for Customer Help
8. Verified Answers
9. ISC Discount Coupon Available on Bulk Purchase
10. Pass Your System Security Certified Practitioner Exam Easily in First Attempt
11. 100% Exam Passing Assurance
