Cissp 认证疑难解析
Study Questions for the CISSP Exam
Robert G. Ferrell, CISSP
Derived from the Information Security Management Handbook, 4th Ed.
by Harold F. Tipton and Micki Krause
Auerbach/CRC Press: 2000
ISBN: 1-8493-9829-0
Note: I skipped the Risk Management chapter because I ran out of time. Sorry.
Domain 1: Access Control
What is the false reject rate?
The percentage of authorized personnel rejected by a system. Also called type I errors.
What is the false accept rate?
The percentage of unauthorized personnel accepted by a system. Also called type II errors.
What is the crossover error rate?
The percentage at which FRR == FAR.The smaller the CER, the more accurate the system.
What is the significance of the CER?
Provides the most fair and impartial meanings of assessing system performance.
What are the most important biometric system characteristics?
Speed and throughput. Accepted standards are 5 seconds/person and 6-10/minute portal throughput.
Which three human characteristics used for biometric identification are unique?
Fingerprint, retina, iris.
What are the features of the iris that make it unique?
Freckles, rings, rifts, pits, striations, fibers, filaments, furrows, vasculature, coronas.
What some of the types of counterfeit data used to gain access to biometric systems?
Rubber, plastic, and body parts of deceased (authorized) persons.
Why is lack of resistance to counterfeiting less likely to result in system failure than previously?
Biometric systems have proliferated into many non-high-security areas.
What is the average size of biometric data files?
Range from 9 - 10KB, with most falling between 256 - 1KB.
What is the accepted standard for biometric access enrollment time?
Two minutes/person.
What are some common concerns people have about biometric access?
Intrusion into "personal space" (light beams in eye); making firm physical contact
with surfaces where many other people have been; speaking closely into microphones
used by many other people. Being forced to do these things by an organization.
What are some problems associated with the use of biometric systems over the past 25 years?
Performance, hardware/software robustness, maintenance requirements, sabotage,
perceived health risks of use, privacy issues, and ability/willingness to use the system.
What are the two factors to consider when purchasing a biometric system?
Limit consideration to proven technologies and check out systems already in place.
What factors come into play when considering hardware/software robustness?
Scalability and durability.
Name some health problems that can be inadvertently discovered by biometric systems.
Diabetes, stroke (blood vessel pattern changes in the retina).
What are the advantages of using biometric access over cardkey systems?
Biometric systems identify people. Card systems identify keys.
Life cycle costs are reduced when no card or PIN administration is needed.
What are some common biometric parameters that change over time?
Voice, signature, retina pattern (during certain disease states).
What are some different types of biometric systems?
Fingerprint, hand geometry, voice pattern, retina pattern, signature dynamics.
Fill in the following table:
Biometric System File Size Enroll/Response Accuracy (%) Unique Aspects Time FAR FRR CER
Fingerprint 0.5-1.5KB Data Link) none, since they merely copy signals and send them on.
Bridge: (->Network) stores and forwards entire packets; can filter out non-local packets. Uses
hardware (48 bit) addressing only.
Routers/Gateways: (->Transport) can filter packets by IP address or port. Can be used to
allow/disallow/re-route IP datagrams according to IP address.
What are the architectural layers of TCP/IP?
Network Access: routines for accessing physical networks. (Ph, DL, N)
Internet: defines datagram and handles
