SSCP Practice Test Questions

1048 Questions


Topic 1: Access Control

What would be the name of a Logical or Virtual Table dynamically generated to restrict the
information a user can access in a database?


A. Database Management system
B. Database views
C. Database security
D. Database shadowing

Answer: B. Database views

The Answer: Database views. Database views are mechanisms that restrict access to the information that a user can access in a database.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 35.
Wikipedia has a detailed explanation as well:
In database theory, a view is a virtual or logical table composed of the result set of a query.
Unlike ordinary tables (base tables) in a relational database, a view is not part of the
physical schema: it is a dynamic, virtual table computed or collated from data in the
database. Changing the data in a table alters the data shown in the view.
Views can provide advantages over tables;
They can subset the data contained in a table
They can join and simplify multiple tables into a single virtual table
Views can act as aggregated tables, where aggregated data (sum, average etc.) are
calculated and presented as part of the data
Views can hide the complexity of data, for example a view could appear as Sales2000 or
Sales2001, transparently partitioning the actual underlying table
Views do not incur any extra storage overhead
Depending on the SQL engine used, views can provide extra security.
Limit the exposure to which a table or tables are exposed to outer world
Just like functions (in programming) provide abstraction, views can be used to create
abstraction. Also, just like functions, views can be nested, thus one view can aggregate
data from other views. Without the use of views it would be much harder to normalise
databases above second normal form. Views can make it easier to create lossless join
decomposition.
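The column-subset, aggregation and "views are dynamic" points above can be seen in a few lines of SQL. The following is an added example, not code from the source or from the cited references; it uses Python's built-in sqlite3 with a constructed employees table. SQLite has no GRANT statement, so the privilege side (giving a user rights on the view but not on the base table) is not shown; what the example does show is that a view exposes only the columns and aggregates it was defined with, and that it tracks changes in the base table.

```python
import sqlite3

# Constructed sample data (not from the page): a base table whose salary column
# must not be visible to ordinary users.
EMPLOYEES = [
    (1, "alice", "engineering", 120000),
    (2, "bob", "engineering", 95000),
    (3, "carol", "finance", 105000),
]


def build_db() -> sqlite3.Connection:
    """Create an in-memory database with one base table and two restricting views."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE employees (id INTEGER PRIMARY KEY, name TEXT, dept TEXT, salary INTEGER)"
    )
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?, ?)", EMPLOYEES)
    # Column subset: the directory view omits the salary column entirely.
    conn.execute(
        "CREATE VIEW employee_directory AS SELECT id, name, dept FROM employees"
    )
    # Aggregation: payroll reporting sees per-department totals, never a single salary.
    conn.execute(
        "CREATE VIEW dept_payroll AS "
        "SELECT dept, COUNT(*) AS headcount, SUM(salary) AS total "
        "FROM employees GROUP BY dept ORDER BY dept"
    )
    return conn


def view_columns(conn: sqlite3.Connection, view: str) -> list[str]:
    """Column names a view exposes (PRAGMA table_info works for views too)."""
    return [row[1] for row in conn.execute(f"PRAGMA table_info({view})")]


def query_view(conn: sqlite3.Connection, view: str) -> list[tuple]:
    # The view name comes from our own code here, never from user input.
    return conn.execute(f"SELECT * FROM {view}").fetchall()


def column_reachable(conn: sqlite3.Connection, view: str, column: str) -> bool:
    """True if the column can be selected through the view; a hidden column raises."""
    try:
        conn.execute(f"SELECT {column} FROM {view} LIMIT 1")
        return True
    except sqlite3.OperationalError:  # "no such column"
        return False


def payroll_before_and_after_raise(conn: sqlite3.Connection) -> tuple[list, list]:
    """Views are dynamic: updating the base table changes what the view reports."""
    before = query_view(conn, "dept_payroll")
    conn.execute("UPDATE employees SET salary = salary + 5000 WHERE name = 'bob'")
    after = query_view(conn, "dept_payroll")
    return before, after


if __name__ == "__main__":
    db = build_db()
    print("directory columns:", view_columns(db, "employee_directory"))
    print("salary via directory view:", column_reachable(db, "employee_directory", "salary"))
    print("payroll before/after:", *payroll_before_and_after_raise(db))
```

In a multi-user DBMS the same definitions would be paired with grants on the views only, so that the base table is never directly readable by the restricted role.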

Which of the following statements pertaining to RADIUS is incorrect?


A. A RADIUS server can act as a proxy server, forwarding client requests to other authentication domains.
B. Most RADIUS clients have a capability to query secondary RADIUS servers for redundancy.
C. Most RADIUS servers have built-in database connectivity for billing and reporting purposes.
D. Most RADIUS servers can work with DIAMETER servers.

Answer: D. Most RADIUS servers can work with DIAMETER servers.



This is the correct answer because it is FALSE.
Diameter is an AAA protocol (AAA stands for authentication, authorization and accounting) for computer networks, and it is a successor to RADIUS.
The name is a pun on the RADIUS protocol, which is the predecessor (a diameter is twice the radius).
The main differences are as follows:
Reliable transport protocols (TCP or SCTP, not UDP)
The IETF is in the process of standardizing TCP transport for RADIUS
Network or transport layer security (IPsec or TLS)
The IETF is in the process of standardizing Transport Layer Security for RADIUS
Transition support for RADIUS, although Diameter is not fully compatible with RADIUS
Larger address space for attribute-value pairs (AVPs) and identifiers (32 bits instead of 8 bits)
Client–server protocol, with the exception of supporting some server-initiated messages as well
Both stateful and stateless models can be used
Dynamic discovery of peers (using DNS SRV and NAPTR)
Capability negotiation
Supports application layer acknowledgements, defines failover methods and state machines (RFC 3539)
Error notification
Better roaming support
More easily extended; new commands and attributes can be defined
Aligned on 32-bit boundaries
Basic support for user sessions and accounting
A Diameter Application is not a software application, but a protocol based on the Diameter base protocol (defined in RFC 3588). Each application is defined by an application identifier and can add new command codes and/or new mandatory AVPs. Adding a new optional AVP does not require a new application.
Examples of Diameter applications:
Diameter Mobile IPv4 Application (MobileIP, RFC 4004)
Diameter Network Access Server Application (NASREQ, RFC 4005)
Diameter Extensible Authentication Protocol (EAP) Application (RFC 4072)
Diameter Credit-Control Application (DCCA, RFC 4006)
Diameter Session Initiation Protocol Application (RFC 4740)
Various applications in the 3GPP IP Multimedia Subsystem
All of the other choices presented are true. So Diameter is backward compatible with RADIUS (to some extent), but the opposite is false.
Reference(s) used for this question:
TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th
Edition, Volume 2, 2001, CRC Press, NY, Page 38.
and
https://secure.wikimedia.org/wikipedia/en/wiki/Diameter_%28protocol%29

Which of the following does not apply to system-generated passwords?


A. Passwords are harder to remember for users.
B. If the password-generating algorithm gets to be known, the entire system is in jeopardy.
C. Passwords are more vulnerable to brute force and dictionary attacks.
D. Passwords are harder to guess for attackers.

Answer: C. Passwords are more vulnerable to brute force and dictionary attacks.



Users tend to choose easier-to-remember passwords. System-generated passwords can provide stronger, harder-to-guess passwords. Since they are based on rules provided by the administrator, they can include combinations of uppercase/lowercase letters, numbers and special characters, making them less vulnerable to brute force and dictionary attacks. One danger is that they are also harder to remember for users, who will tend to write them down, making them more vulnerable to anyone having access to the user's desk. Another danger with system-generated passwords is that if the password-generating algorithm gets to be known, the entire system is in jeopardy.
Source: RUSSEL, Deborah & GANGEMI, G.T. Sr., Computer Security Basics, O'Reilly, July 1992 (page 64).

Which of the following is most affected by denial-of-service (DOS) attacks?


A. Confidentiality
B. Integrity
C. Accountability
D. Availability

Answer: D. Availability



Denial of service attacks obviously affect availability of targeted systems.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the
Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3:
Telecommunications and Network Security (page 61).

Which of the following would be used to implement Mandatory Access Control (MAC)?


A. Clark-Wilson Access Control
B. Role-based access control
C. Lattice-based access control
D. User dictated access control

Answer: C. Lattice-based access control



The lattice is a mechanism used to implement Mandatory Access Control (MAC).
Under Mandatory Access Control (MAC) you have:
Mandatory Access Control
Under Non-Discretionary Access Control (NDAC) you have:
Rule-Based Access Control
Role-Based Access Control
Under Discretionary Access Control (DAC) you have:
Discretionary Access Control
Lattice-Based Access Control is a type of access control used to implement other access control methods. A lattice is an ordered list of elements that has a least upper bound and a greatest lower bound. The lattice can be used for MAC, DAC, integrity levels, file permissions, and more.
For example, in the case of MAC, if we look at common government classifications, we have the following:
TOP SECRET
SECRET ------------I am the user at SECRET
CONFIDENTIAL
SENSITIVE BUT UNCLASSIFIED
UNCLASSIFIED
If you look at the diagram above, where I am a user at SECRET, it means that I can access documents at lower classifications but not documents at TOP SECRET. The lattice is a list of ORDERED ELEMENTS; in this case the ordered elements are classification levels. My least upper bound is SECRET and my greatest lower bound is UNCLASSIFIED.
However, the lattice could also be used for integrity levels such as:
VERY HIGH
HIGH
MEDIUM -----I am a user, process, application at the medium level
LOW
VERY LOW
In the case of integrity levels you have to think about TRUST. If I take for example the VISTA operating system, which is based on Biba, then integrity levels would be used. As a user having access to the system I cannot tell a process running with administrative privilege what to do. Otherwise any user on the system could take control of the system by getting a highly privileged process to do things on their behalf. So no read down would be allowed in this case, and this is an example of the Biba model.
Last but not least, the lattice could be used for file permissions:
RWX
RW -----User at this level
R
If I am a user with READ and WRITE (RW) access privileges then I cannot execute the file, because I do not have execute permission, which is the X under Linux and UNIX.
Many people confuse the lattice model, and many books say MAC = LATTICE; however, the lattice can be used for other purposes.
There is also Role-Based Access Control (RBAC). It COULD be used to simulate MAC, but it is not MAC, as it does not make use of labels on objects indicating sensitivity and categories. MAC also requires a clearance that dominates the object.
You can get more info about RBAC at: http://csrc.nist.gov/groups/SNS/rbac/faq.html#03
Also note that many books use the same acronym, RBAC, for both Role-Based Access Control and Rule-Based Access Control, which can be confusing.
The proper way of writing the acronym for Rule-Based Access Control is RuBAC; unfortunately it is not commonly used.
References:
There is a great article on TechNet that talks about the lattice in VISTA:
http://blogs.technet.com/b/steriley/archive/2006/07/21/442870.aspx
also see:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 33).
and
http://www.microsoft-watch.com/content/vista/gaging_vistas_integrity.html

PIN, password, passphrases, tokens, smart cards, and biometric devices are all items that can be used for authentication. When one of the items listed above is used in conjunction with a second factor to validate authentication, it provides robust authentication of the individual by practicing which of the following?


A. Multi-party authentication
B. Two-factor authentication
C. Mandatory authentication
D. Discretionary authentication

Answer: B. Two-factor authentication



Once an identity is established it must be authenticated. There exist numerous technologies and implementations of authentication methods; however, they almost all fall under three major areas.
There are three fundamental types of authentication:
Authentication by knowledge—something a person knows
Authentication by possession—something a person has
Authentication by characteristic—something a person is
Logical controls related to these types are called “factors.”
Something you know can be a password or PIN, something you have can be a token fob or smart card, and something you are is usually some form of biometrics.
Single-factor authentication is the employment of one of these factors, two-factor authentication is using two of the three factors, and three-factor authentication is the combination of all three factors.
The general term for the use of more than one factor during authentication is multifactor authentication or strong authentication.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 2367-2379). Auerbach Publications. Kindle Edition.

Which of the following is used by RADIUS for communication between clients and servers?


A. TCP
B. SSL
C. UDP
D. SSH

Answer: C. UDP



Source: TIPTON, Harold F. & KRAUSE, MICKI, Information Security
Management Handbook, 4th Edition, Volume 2, 2001, CRC Press, NY, Page 33.

Identification and authentication are the keystones of most access control systems.
Identification establishes:


A. User accountability for the actions on the system.
B. Top management accountability for the actions on the system.
C. EDP department accountability for the actions of users on the system.
D. Authentication for actions on the system.

Answer: A. User accountability for the actions on the system.




Identification and authentication are the keystones of most access control
systems. Identification establishes user accountability for the actions on the system.
The control environment can be established to log activity regarding the identification,
authentication, authorization, and use of privileges on a system. This can be used to detect the occurrence of errors, the attempts to perform an unauthorized action, or to validate
when provided credentials were exercised. The logging system as a detective device
provides evidence of actions (both successful and unsuccessful) and tasks that were
executed by authorized users.
Once a person has been identified through the user ID or a similar value, she must be
authenticated, which means she must prove she is who she says she is. Three general
factors can be used for authentication: something a person knows, something a person
has, and something a person is. They are also commonly called authentication by
knowledge, authentication by ownership, and authentication by characteristic.
For a user to be able to access a resource, he first must prove he is who he claims to be,
has the necessary credentials, and has been given the necessary rights or privileges to
perform the actions he is requesting. Once these steps are completed successfully, the
user can access and use network resources; however, it is necessary to track the user’s
activities and enforce accountability for his actions.
Identification describes a method of ensuring that a subject (user, program, or process) is
the entity it claims to be. Identification can be provided with the use of a username or
account number. To be properly authenticated, the subject is usually required to provide a
second piece to the credential set. This piece could be a password, passphrase,
cryptographic key, personal identification number (PIN), anatomical attribute, or token.
These two credential items are compared to information that has been previously stored for
this subject. If these credentials match the stored information, the subject is authenticated.
But we are not done yet. Once the subject provides its credentials and is properly
identified, the system it is trying to access needs to determine if this subject has been given
the necessary rights and privileges to carry out the requested actions. The system will look
at some type of access control matrix or compare security labels to verify that this subject
may indeed access the requested resource and perform the actions it is attempting. If the
system determines that the subject may access the resource, it authorizes the subject.
Although identification, authentication, authorization, and accountability have close and
complementary definitions, each has distinct functions that fulfill a specific requirement in
the process of access control. A user may be properly identified and authenticated to the
network, but he may not have the authorization to access the files on the file server. On the
other hand, a user may be authorized to access the files on the file server, but until she is
properly identified and authenticated, those resources are out of reach.
Reference(s) used for this question:
ISchneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition:
Access Control ((ISC)2 Press) (Kindle Locations 889-892). Auerbach Publications. Kindle
Edition.
and
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (Kindle Locations
3875-3878). McGraw-Hill. Kindle Edition.
and
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (Kindle Locations
3833-3848). McGraw-Hill. Kindle Edition.
and
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the
Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 36.
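The four steps the explanation walks through (identify, authenticate, authorize, and log for accountability) can be laid out as one small access-control pipeline. The code below is an added example written for this page, not code from any of the cited books; the username/resource/action values are constructed, the PBKDF2 iteration count is deliberately low so the example runs quickly, and the "access control matrix" is a plain dictionary keyed by (subject, object).

```python
import hashlib
import hmac
import os

# Kept low so the example runs fast; a real deployment uses a far higher count
# (assumption of this example, not a recommendation from the page).
PBKDF2_ITERATIONS = 10_000


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


class AccessControlSystem:
    """Identification -> authentication -> authorization, with an audit log for accountability."""

    def __init__(self) -> None:
        self.credentials: dict[str, tuple[bytes, bytes]] = {}  # user -> (salt, digest)
        self.matrix: dict[tuple[str, str], set[str]] = {}      # (user, resource) -> actions
        self.audit_log: list[dict] = []
        # Hash against this even for unknown users, so an "unknown identity"
        # failure takes as long as a bad-password failure.
        self._dummy_salt = os.urandom(16)

    def enroll(self, user: str, password: str, grants: dict[str, set[str]]) -> None:
        salt = os.urandom(16)
        self.credentials[user] = (salt, hash_password(password, salt))
        for resource, actions in grants.items():
            self.matrix[(user, resource)] = set(actions)

    def _record(self, user: str, resource: str, action: str, outcome: str) -> None:
        # Accountability: every decision, successful or not, is tied to the claimed identity.
        self.audit_log.append(
            {"user": user, "resource": resource, "action": action, "outcome": outcome}
        )

    def request(self, claimed_user: str, password: str, resource: str, action: str) -> bool:
        # 1. Identification: the subject claims an identity (a username).
        known = claimed_user in self.credentials
        salt, stored = self.credentials.get(claimed_user, (self._dummy_salt, b""))
        # 2. Authentication: prove the claim with something the subject knows.
        presented = hash_password(password, salt)
        if not known or not hmac.compare_digest(stored, presented):
            self._record(claimed_user, resource, action, "authentication failed")
            return False
        # 3. Authorization: consult the access control matrix for this subject/object pair.
        if action not in self.matrix.get((claimed_user, resource), set()):
            self._record(claimed_user, resource, action, "not authorized")
            return False
        self._record(claimed_user, resource, action, "granted")
        return True

    def outcomes(self) -> list[str]:
        return [entry["outcome"] for entry in self.audit_log]


if __name__ == "__main__":
    acs = AccessControlSystem()
    acs.enroll("alice", "correct horse", {"file_server": {"read"}})
    acs.request("alice", "correct horse", "file_server", "read")
    acs.request("alice", "correct horse", "file_server", "write")
    for entry in acs.audit_log:
        print(entry)
```

The log records the claimed identity even when authentication fails; that is what lets a detective control distinguish a mistyped password from a series of attempts against an account that does not exist.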

Which security model ensures that actions that take place at a higher security level do not
affect actions that take place at a lower level?


A. The Bell-LaPadula model
B. The information flow model
C. The noninterference model
D. The Clark-Wilson model

Answer: C. The noninterference model



The goal of a noninterference model is to strictly separate differing security levels to assure that higher-level actions do not determine what lower-level users can see. This is in contrast to other security models that control information flows between differing levels of users. By maintaining strict separation of security levels, a noninterference model minimizes leakages that might happen through a covert channel.
The model ensures that any actions that take place at a higher security level do not affect, or interfere with, actions that take place at a lower level.
It is not concerned with the flow of data, but rather with what a subject knows about the state of the system. So if an entity at a higher security level performs an action, it cannot change the state for the entity at the lower level.
The model also addresses the inference attack that occurs when someone has access to some type of information and can infer (guess) something that he does not have the clearance level or authority to know.
The following are incorrect answers:
The Bell-LaPadula model is incorrect. The Bell-LaPadula model is concerned only with confidentiality and bases access control decisions on the classification of objects and the clearances of subjects.
The information flow model is incorrect. The information flow models have a similar framework to the Bell-LaPadula model and control how information may flow between objects based on security classes. Information will be allowed to flow only in accordance with the security policy.
The Clark-Wilson model is incorrect. The Clark-Wilson model is concerned with change control and assuring that all modifications to objects preserve integrity by means of well-formed transactions and usage of an access triple (subject - interface - object).
References:
CBK, pp. 325-326
AIO3, pp. 290-291
AIOv4 Security Architecture and Design (page 345)
AIOv5 Security Architecture and Design (pages 347-348)
https://en.wikibooks.org/wiki/Security_Architecture_and_Design/Security_Models#Noninterference_Models

Which of the following protects a


A. Challenge Handshake Authentication Protocol (CHAP)
B. Challenge Handshake Identification Protocol (CHIP)
C. Challenge Handshake Encryption Protocol (CHEP)
D. Challenge Handshake Substitution Protocol (CHSP)

Answer: A. Challenge Handshake Authentication Protocol (CHAP)



CHAP: A protocol that uses a three-way handshake. The server sends the client a challenge which includes a random value (a nonce) to thwart replay attacks. The client responds with the MD5 hash of the nonce and the password.
The authentication is successful if the client's response is the one that the server expected.
Reference: Page 450, OIG 2007.
CHAP protects the password from eavesdroppers and supports the encryption of communication.
Reference: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 44.
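The three-way handshake described above, with both sides of the exchange, as an added example that is not part of the original page or of the cited references. It follows the response format of RFC 1994 (MD5 over the one-byte Identifier, the shared secret and the challenge value), which is the concrete form of the "hash of the nonce and the password" the explanation mentions; peer names and secrets are constructed. Two properties from the text are made checkable: the secret never crosses the wire, and a captured response is useless against a fresh challenge because each challenge is single-use. A caveat the example makes explicit in a comment is that the authenticator must hold the shared secret itself, since it has to recompute the same MD5.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response: MD5(Identifier || secret || Challenge Value)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """The server side: issues one-time challenges and checks responses."""

    def __init__(self, secrets_db: dict[str, bytes]) -> None:
        # CHAP needs the shared secret itself to recompute the response, so the
        # authenticator must store it (a property of the protocol, not a choice here).
        self.secrets_db = secrets_db
        self.identifier = 0
        self.outstanding: dict[int, bytes] = {}

    def issue_challenge(self) -> tuple[int, bytes]:
        self.identifier = (self.identifier + 1) % 256
        challenge = os.urandom(16)  # the nonce; fresh for every attempt
        self.outstanding[self.identifier] = challenge
        return self.identifier, challenge

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        # pop() makes each challenge single-use, so a captured response cannot be replayed.
        challenge = self.outstanding.pop(identifier, None)
        if challenge is None or name not in self.secrets_db:
            return False
        expected = chap_response(identifier, self.secrets_db[name], challenge)
        return hmac.compare_digest(expected, response)


class ChapPeer:
    """The client side: holds the secret and answers challenges."""

    def __init__(self, name: str, secret: bytes) -> None:
        self.name, self.secret = name, secret

    def respond(self, identifier: int, challenge: bytes) -> tuple[str, bytes]:
        return self.name, chap_response(identifier, self.secret, challenge)


def run_exchange(server: ChapAuthenticator, peer: ChapPeer, wire: list) -> bool:
    """One Challenge / Response / Success-or-Failure exchange; `wire` records what is sent."""
    ident, challenge = server.issue_challenge()
    wire.append(("Challenge", ident, challenge))
    name, response = peer.respond(ident, challenge)
    wire.append(("Response", ident, name, response))
    ok = server.verify(ident, name, response)
    wire.append(("Success" if ok else "Failure", ident))
    return ok


def secret_on_wire(wire: list, secret: bytes) -> bool:
    """Does the shared secret appear in any captured message? It should not."""
    return any(secret in part for msg in wire for part in msg if isinstance(part, bytes))


def replay_rejected(server: ChapAuthenticator, wire: list) -> bool:
    """A recorded Response presented against a fresh challenge must fail."""
    _, _, name, old_response = next(m for m in wire if m[0] == "Response")
    new_ident, _ = server.issue_challenge()
    return not server.verify(new_ident, name, old_response)


if __name__ == "__main__":
    server = ChapAuthenticator({"alice": b"s3cret"})  # constructed peer and secret
    wire: list = []
    print("good secret:", run_exchange(server, ChapPeer("alice", b"s3cret"), wire))
    print("bad secret: ", run_exchange(server, ChapPeer("alice", b"wrong"), wire))
    print("secret visible on wire:", secret_on_wire(wire, b"s3cret"))
    print("replay rejected:", replay_rejected(server, wire))
```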

What is called the type of access control where there are pairs of elements that have the
least upper bound of values and greatest lower bound of values?


A. Mandatory model
B. Discretionary model
C. Lattice model
D. Rule model

Answer: C. Lattice model



In a lattice model, there are pairs of elements that have the least upper
bound of values and greatest lower bound of values.
Reference(s) used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, 2001, John Wiley & Sons, Page 34.
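The least-upper-bound and greatest-lower-bound pairs named in this answer, and the SECRET-user example in the lattice-based access control question earlier on this page, can both be worked through with a small label lattice. The code below is an added example, not part of the page or its references; it uses the page's five classification levels, adds a category (compartment) set so that some labels are incomparable, and goes one step beyond the text by computing the join and meet of a pair and the clearance needed to dominate a whole set of objects. The Biba read rule is included only to illustrate the page's point that the same lattice can serve integrity levels, using the same level names for simplicity.

```python
from dataclasses import dataclass
from functools import reduce

# Classification levels from the page, ordered from lowest to highest.
LEVELS = ["UNCLASSIFIED", "SENSITIVE BUT UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]
RANK = {name: i for i, name in enumerate(LEVELS)}


@dataclass(frozen=True)
class Label:
    """A security label: a level plus a set of categories (compartments)."""
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Partial order: higher-or-equal level AND a superset of categories.
        return RANK[self.level] >= RANK[other.level] and self.categories >= other.categories

    def comparable(self, other: "Label") -> bool:
        return self.dominates(other) or other.dominates(self)


def join(a: Label, b: Label) -> Label:
    """Least upper bound: the lowest label that dominates both."""
    return Label(LEVELS[max(RANK[a.level], RANK[b.level])], a.categories | b.categories)


def meet(a: Label, b: Label) -> Label:
    """Greatest lower bound: the highest label that both dominate."""
    return Label(LEVELS[min(RANK[a.level], RANK[b.level])], a.categories & b.categories)


def least_upper_bound(labels: list) -> Label:
    """The clearance a single subject would need in order to read every object listed."""
    return reduce(join, labels)


# MAC confidentiality rules (Bell-LaPadula style): read down, write up.
def mac_can_read(subject: Label, obj: Label) -> bool:
    return subject.dominates(obj)


def mac_can_write(subject: Label, obj: Label) -> bool:
    return obj.dominates(subject)


# The same lattice applied to integrity (Biba): no read down.
def biba_can_read(subject: Label, obj: Label) -> bool:
    return obj.dominates(subject)


if __name__ == "__main__":
    me = Label("SECRET")  # the page's "I am the user at SECRET"
    print("read CONFIDENTIAL:", mac_can_read(me, Label("CONFIDENTIAL")))
    print("read TOP SECRET:  ", mac_can_read(me, Label("TOP SECRET")))
    a = Label("SECRET", frozenset({"NUCLEAR"}))       # constructed compartments
    b = Label("CONFIDENTIAL", frozenset({"CRYPTO"}))
    print("comparable:", a.comparable(b), "join:", join(a, b), "meet:", meet(a, b))
```

The incomparable pair is the point of the exercise: neither label dominates the other, yet the lattice still provides a unique join and meet for them, which is exactly what distinguishes a lattice from a plain ordered list.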

Which of the following logical access exposures INVOLVES CHANGING data before, or as
it is entered into the computer?


A. Data diddling
B. Salami techniques
C. Trojan horses
D. Viruses

Answer: A. Data diddling





It involves changing data before, or as it is entered into the computer; in other words, it refers to the alteration of existing data.
The other answers are incorrect because:
Salami techniques: A salami attack is one in which an attacker commits several small crimes with the hope that the overall larger crime will go unnoticed.
Trojan horses: A Trojan horse is a program that is disguised as another program.
Viruses: A virus is a small application, or a string of code, that infects applications.
Reference: Shon Harris, AIO v3
Chapter 11: Application and System Development, Pages 875-880
Chapter 10: Law, Investigation and Ethics, Pages 758-759

