Sign up to save your podcasts
Or
Share RCR 094: CISSP Exam Questions around Data Hiding – CISSP Training and Study!
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
RCR 094: CISSP Exam Questions around Data Hiding – CISSP Training and Study!
Subscribe: iTunes | Goggle Play | Stitcher Radio | RSS
Description:
Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career. Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity.
Shon will provide CISSP training and study around the tools you need to better understand what you need to know to be better prepared for the CISSP Exam Questions. His knowledge will provide the skills needed to pass the CISSP Exam.
BTW - Get access to all my Free Content and CISSP Training Courses here at: https://shongerber.com/
Available Courses:
- CISSP Training Course - https://www.shongerber.com/offers/zYsL6MCB
- CISO Training Course - https://www.shongerber.com/offers/zd2RbL6o
CISSP Exam Questions
Question: 165
Steve has found out that the software product that his team submitted for evaluation did not achieve the actual rating they were hoping for. He was confused about this issue since the software passed the necessary certification and accreditation processes before being deployed. Steve was told that the system allows for unauthorized device drivers to be loaded and that there was a key sequence that could be used to bypass the software access control protection mechanisms. Some feedback Steve received from the product testers is that it should implement address space layout randomization and data execution protection.
Which of the following best describes an item the software development team needs to address to ensure that drivers cannot be loaded in an unauthorized manner?
A. Improved security kernel processes
B. Improved security perimeter processes
C. Improved application programming interface processes
D. Improved garbage collection processes
- If device drivers can be loaded improperly, then either the access control rules outlined within the reference monitor need to be improved upon or the current rules need to be better enforced through the security kernel processes. Only authorized subjects should be able to install sensitive software components that run within ring 0 of a system.
https://www.brainscape.com/subjects/cissp-domains
------------------------------------
Question: 166
Steve has found out that the software product that his team submitted for evaluation did not achieve the actual rating they were hoping for. He was confused about this issue since the software passed the necessary certification and accreditation processes before being deployed. Steve was told that the system allows for unauthorized device drivers to be loaded and that there was a key sequence that could be used to bypass the software access control protection mechanisms. Some feedback Steve received from the product testers is that it should implement address spac
Gain access to 30 FREE CISSP Exam Questions each and every month by going to FreeCISSPQuestions.com and sign-up to join the team for Free.
View all episodes
By Shon Gerber, vCISO, CISSP, Cyber Security Consultant, Author and EntrepreneurSubscribe: iTunes | Goggle Play | Stitcher Radio | RSS
Description:
Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career. Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity.
Shon will provide CISSP training and study around the tools you need to better understand what you need to know to be better prepared for the CISSP Exam Questions. His knowledge will provide the skills needed to pass the CISSP Exam.
BTW - Get access to all my Free Content and CISSP Training Courses here at: https://shongerber.com/
Available Courses:
- CISSP Training Course - https://www.shongerber.com/offers/zYsL6MCB
- CISO Training Course - https://www.shongerber.com/offers/zd2RbL6o
CISSP Exam Questions
Question: 165
Steve has found out that the software product that his team submitted for evaluation did not achieve the actual rating they were hoping for. He was confused about this issue since the software passed the necessary certification and accreditation processes before being deployed. Steve was told that the system allows for unauthorized device drivers to be loaded and that there was a key sequence that could be used to bypass the software access control protection mechanisms. Some feedback Steve received from the product testers is that it should implement address space layout randomization and data execution protection.
Which of the following best describes an item the software development team needs to address to ensure that drivers cannot be loaded in an unauthorized manner?
A. Improved security kernel processes
B. Improved security perimeter processes
C. Improved application programming interface processes
D. Improved garbage collection processes
- If device drivers can be loaded improperly, then either the access control rules outlined within the reference monitor need to be improved upon or the current rules need to be better enforced through the security kernel processes. Only authorized subjects should be able to install sensitive software components that run within ring 0 of a system.
https://www.brainscape.com/subjects/cissp-domains
------------------------------------
Question: 166
Steve has found out that the software product that his team submitted for evaluation did not achieve the actual rating they were hoping for. He was confused about this issue since the software passed the necessary certification and accreditation processes before being deployed. Steve was told that the system allows for unauthorized device drivers to be loaded and that there was a key sequence that could be used to bypass the software access control protection mechanisms. Some feedback Steve received from the product testers is that it should implement address spac
Gain access to 30 FREE CISSP Exam Questions each and every month by going to FreeCISSPQuestions.com and sign-up to join the team for Free.