450 Appendix ■ Answers
47. C. Synchronous communications use a timing or clock mechanism to control the data stream. This can permit very fast communication.
- B. The maximum allowed length of a Cat 6 cable is 100 meters, or 328 feet. Longer distances are typically handled by a fiber run or by using network devices like switches or repeaters.
- B. One of the main functions of a forensic drive controller is preventing any command sent to a device from modifying data stored on the device. For this reason, forensic drive controllers are also often referred to as write blockers.
- A. Setting the Secure cookie attribute will only allow cookies to be sent via HTTPS (TLS or SSL) sessions, preventing man-in-the-middle attacks that target cookies. The rest of the settings are problematic: Cookies are vulnerable to DNS spoofing. Domain cookies should usually have the narrowest possible scope, which is actually accomplished by not setting the Domain attribute; this allows only the originating server to access the cookie. Cookies without the Expires or Max-Age attributes are ephemeral and will only be kept for the session, making them less vulnerable than stored cookies. Normally, the HttpOnly attribute is a good idea, but it prevents script access to the cookie rather than requiring unencrypted HTTP sessions.
- D. Data remanence describes data that is still on media after an attempt has been made to remove it. Failed clearing and data pooling are not technical terms, and data permanence describes how long data lasts.
- B. Mandatory access control (MAC) applies labels to subjects and objects and allows subjects to access objects when their labels match. Discretionary access control (DAC) is controlled by the owner of objects, rule-based access control applies rules throughout a system, and role-based access control bases rights on roles, which are often handled as groups of users.
- B. Identity as a service (IDaaS) provides capabilities such as account provisioning, management, authentication, authorization, reporting, and monitoring. Platform as a service (PaaS), infrastructure as a service (IaaS), and software as a service (SaaS).
- C. Eavesdropping, denial-of-service attacks, and Caller ID spoofing are all common VoIP attacks. Blackboxing is a made-up answer, although various types of colored boxes were associated with phone phreaking.
- D. This broad access may indirectly violate all of the listed security principles, but it is most directly a violation of least privilege because it grants users privileges that they do not need for their job functions.
- C. The Secure File Transfer Protocol (SFTP) is specifically designed for encrypted file transfer. SSH is used for secure command-line access, whereas TCP is one of the core protocols of the Internet protocol suite, commonly used to transmit data across a network. IPsec could be used to create a tunnel to transfer the data but is not specifically designed for file transfer.
- B. TACACS+ uses TCP and encrypts the entire session, unlike RADIUS, which only encrypts the password and operates via UDP.
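The cookie answer above (Secure, HttpOnly, no Domain, no Expires/Max-Age) can be checked mechanically. This is an added example, not from the study guide: a helper that emits a Set-Cookie header with the recommended attributes, and an audit function that flags the weak settings the answer describes in any Set-Cookie header value. The header strings and cookie names are constructed for illustration.

```python
from http.cookies import SimpleCookie


def build_session_cookie(name: str, value: str) -> str:
    """Return a Set-Cookie header value with the attributes the answer recommends:
    Secure (HTTPS only), HttpOnly (no script access), no Domain (only the
    originating host can read it) and no Expires/Max-Age (session-only)."""
    cookie = SimpleCookie()
    cookie[name] = value
    cookie[name]["secure"] = True
    cookie[name]["httponly"] = True
    return cookie[name].OutputString()


def _parse_set_cookie(header: str) -> tuple[str, dict[str, str]]:
    """Split a Set-Cookie header value into (cookie name, {attribute: value}).
    Attribute names are lower-cased because browsers match them case-insensitively."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs: dict[str, str] = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs


def audit_set_cookie(header: str) -> list[str]:
    """Return one finding per weak setting; an empty list means the header
    matches the answer's recommendations."""
    name, attrs = _parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        findings.append(f"{name}: missing Secure, cookie may be sent over plaintext HTTP")
    if "httponly" not in attrs:
        findings.append(f"{name}: missing HttpOnly, cookie is readable by page scripts")
    if "domain" in attrs:
        findings.append(f"{name}: Domain={attrs['domain']} widens scope beyond the originating host")
    if "expires" in attrs or "max-age" in attrs:
        findings.append(f"{name}: Expires/Max-Age makes this a stored (persistent) cookie")
    return findings


# Constructed sample header showing all four weak settings at once.
WEAK_HEADER = "sid=abc123; Domain=example.com; Path=/; Max-Age=2592000"

if __name__ == "__main__":
    good = build_session_cookie("sid", "abc123")
    print(good, audit_set_cookie(good))
    print(audit_set_cookie(WEAK_HEADER))
```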