Copyright holders, content providers, and manufacturers use digital rights management (DRM) in order to limit usage of digital media and devices. Which of the following security challenges does DRM include? Each correct answer represents a complete solution. Choose all that apply.
The security challenges for DRM are as follows:
Key hiding: It prevents tampering attacks that target the secret keys. In the key hiding process, secret keys are used for
authentication, encryption, and node-locking.
Device fingerprinting: It prevents fraud and provides secure authentication. Device fingerprinting includes the summary of hardware
and software characteristics in order to uniquely identify a device.
OTA provisioning: It provides end-to-end encryption or other secure ways for delivery of copyrighted software to mobile devices.
Answer B is incorrect. Access control is not a security challenge for DRM.
Which of the following statements about a host-based intrusion prevention system (HIPS) are true?
Each correct answer represents a complete solution. Choose two.
A host-based intrusion prevention system (HIPS) is an application usually employed on a single computer. It complements traditional finger-
print-based and heuristic antivirus detection methods, since it does not need continuous updates to stay ahead of new malware. When a
malicious code needs to modify the system or other software residing on the machine, a HIPS system will notice some of the resulting changes
and prevent the action by default or notify the user for permission. It can handle encrypted and unencrypted traffic equally and cannot detect
events scattered over the network.
Answer B is incorrect. Network address translation (NAT) is a technique that allows multiple computers to share one or more IP
addresses. NAT is configured at the server between a private network and the Internet. It allows the computers in a private network to share
a global, ISP assigned address. NAT modifies the headers of packets traversing the server. For packets outbound to the Internet, it translates
the source addresses from private to public, whereas for packets inbound from the Internet, it translates the destination addresses from
public to private.
Answer A is incorrect. Network intrusion prevention system (NIPS) is a hardware/software platform that is designed to analyze, detect,
and report on security related events. NIPS is designed to inspect traffic and based on its configuration or security policy, it can drop malicious
traffic. NIPS is able to detect events scattered over the network and can react.
Who amongst the following makes the final accreditation decision?
The DAA, also known as Authorizing Official, makes the final accreditation decision. The Designated Approving Authority (DAA), in the United
States Department of Defense, is the official with the authority to formally assume responsibility for operating a system at an acceptable level
of risk. The DAA is responsible for implementing system security. The DAA can grant the accreditation and can determine that the system's
risks are not at an acceptable level and the system is not ready to be operational.
Answer D is incorrect. An Information System Security Officer (ISSO) plays the role of a supporter. The responsibilities of an Information
System Security Officer (ISSO) are as follows:
Manages the security of the information system that is slated for Certification & Accreditation (C&A).
Insures the information systems configuration with the agency's information security policy.
Supports the information system owner/information owner for the completion of security-related responsibilities.
Takes part in the formal configuration management process.
Prepares Certification & Accreditation (C&A) packages.
Answer A is incorrect. An Information System Security Engineer (ISSE) plays the role of an advisor. The responsibilities of an
Information System Security Engineer are as follows:
Provides view on the continuous monitoring of the information system.
Provides advice on the impacts of system changes.
Takes part in the configuration management process.
Takes part in the development activities that are required to implement system changes.
Follows approved system changes.
Answer B is incorrect. A Chief Risk Officer (CRO) is also known as Chief Risk Management Officer (CRMO). The Chief Risk Officer or Chief
Risk Management Officer of a corporation is the executive accountable for enabling the efficient and effective governance of significant risks,
and related opportunities, to a business and its various segments. Risks are commonly categorized as strategic, reputational, operational,
financial, or compliance-related. CRO's are accountable to the Executive Committee and The Board for enabling the business to balance risk
and reward. In more complex organizations, they are generally responsible for coordinating the organization's Enterprise Risk Management
(ERM) approach.
Which of the following is generally used in packages in order to determine the package or product tampering?
Tamper resistance is resistance tampered by the users of a product, package, or system, or the users who can physically access it. It includes
simple as well as complex devices. The complex device encrypts all the information between individual chips, or renders itself inoperable.
Tamper resistance is generally used in packages in order to determine package or product tampering.
Answer B is incorrect. Tamper evident specifies a process or device that makes unauthorized access to the protected object easily
detected.
Answer D is incorrect. Tamper proofing makes computers resistant to interference. Tamper proofing measures include automatic
removal of sensitive information, automatic shutdown, and automatic physical locking.
Answer C is incorrect. Tamper data is used to view and modify the HTTP or HTTPS headers and post parameters.
Which of the following describes the acceptable amount of data loss measured in time?
The Recovery Point Objective (RPO) describes the acceptable amount of data loss measured in time. It is the point in time to which data must
be recovered as defined by the organization. The RPO is generally a definition of what an organization determines is an 'acceptable loss' in a
disaster situation. If the RPO of a company is 2 hours and the time it takes to get the data back into production is 5 hours, the RPO is still 2
hours. Based on this RPO the data must be restored to within 2 hours of the disaster.
Answer B is incorrect. The Recovery Time Objective (RTO) is the duration of time and a service level within which a business process
must be restored after a disaster or disruption in order to avoid unacceptable consequences associated with a break in business continuity. It
includes the time for trying to fix the problem without a recovery, the recovery itself, tests and the communication to the users. Decision time
for user representative is not included. The business continuity timeline usually runs parallel with an incident management timeline and may
start at the same, or different, points.
In accepted business continuity planning methodology, the RTO is established during the Business Impact Analysis (BIA) by the owner of a
process (usually in conjunction with the Business Continuity planner). The RTOs are then presented to senior management for acceptance.
The RTO attaches to the business process and not the resources required to support the process.
Answer D is incorrect. The Recovery Time Actual (RTA) is established during an exercise, actual event, or predetermined based on
recovery methodology the technology support team develops. This is the time frame the technology support takes to deliver the recovered
infrastructure to the business.
Answer C is incorrect. The Recovery Consistency Objective (RCO) is used in Business Continuity Planning in addition to Recovery Point
Objective (RPO) and Recovery Time Objective (RTO). It applies data consistency objectives to Continuous Data Protection services.
Currently there are no comments in this discussion, be the first to comment!