California Online Privacy Protection Act – code review 463
Class B networks, subnet masks, 93
classification, 28, 33, 35, 37, 39, 41, 120,
182, 261, 327, 329, 330, 334, 436
baseline and, 29
declassification, media reuse and, 42–43
HIPAA, 35
labeling and, 41
mandatory access control system, objects
in, 61
mapping, 50
military, 283, 303, 452
mixed, 332
process, 33
purpose, 33
U.S. government, 29, 62, 243, 269
workstations and, 43
client-side input validation, 399
clipping, 385, 391, 406
cloud computing, 53, 228, 299
hybrid, 362–363
IaaS (infrastructure as a service), 174,
214, 237, 420
IDaaS (identity as a service), 104
PaaS (platform as a service), 237, 345,
420
SaaS (software as a service), 237, 420
shared cloud, 238
sharing infrastructure, 158
cloud identity solutions, 123
cloud-based applications, 119
CMM (Capability Maturity Model), 323
COBIT (Control Objectives for Information
and Related Technology), 28, 290
code
backdoors, 213
versus cipher, 64, 342
Node.js, 170
production code, 181
reuse, 431
static analysis, 454
testing, validating, 138
code coverage testing, 143, 374
code review, 24, 148, 176, 276, 393
business logic flaws, 301
California Online Privacy Protection Act, 280
call managers, 419
Caller ID spoofing, 450
cantennas, 263, 433
capability tables, 358
capacitance motion detectors, 345
captive portals, 405, 455
CAS (Central Authentication Services), 359
CAST (Carlisle Adams/Stafford Tavares), 457
Category 3 UDP cable, rating, 101
CBC (Cipher Block Chaining), 405
CCMP (Counter Mode Cipher Block
Chaining Message Authentication Mode
Protocol), 97, 271
CCTV (closed circuit television), 338
CDMA, 451
CDN (Content Distribution Network), 404,
419
cellular technology, 301, 309
centralization, 246
CER (crossover error rate), 362, 367, 409,
438, 445
certificate of sanitization, 42
Certificate Revocation List, 74, 346, 437
CFAA (Computer Fraud and Abuse Act),
323, 430
CFB (Cipher Feedback), 405
CFR (Code of Federal Regulations), 321
chain of custody, 75, 346
change control, 395, 453
change management, 17, 193, 306, 326, 412
CHAP (Challenge-Handshake
Authentication Protocol), 348
checklist review, 384, 436
ciphers
Caesar cipher, 63
versus code, 64, 342
Rijndael block cipher, 457
CIR (Committed Information Rate), 347
circuit-level gateways, 405
CIS (Center for Internet Security),
benchmarks, 31, 32, 329
CISO (chief information security officer), 9, 154
Clark-Wilson model, 77, 347