CISSP Official Practice Tests by Mike Chapple, David Seidl

cut and paste – differential backups 465

failures, 400

firewall architecture and, 95

primary keys, 207

RDBMS, 193

recovery mechanisms, 164, 271

relational, 205, 292, 401

servers, fault tolerance, 152

tables, 180, 395, 443

transactions, preserving, 184

day-to-day tasks, 29

dd tool, 433

DDoS (distributed denial of service) attacks,

12

decentralized access control, 105, 252, 359,

429, 436

declassification, media reuse and, 42–43

decoy environments, 288

decryption, 56, 252

defense in depth, 324

degaussing, 233, 275, 333, 407, 447

deluge system, 451

derived requirements, 397

DES (Data Encryption Standard), 57, 204,

332, 340

3DES (triple DES), 427

CBC (Cipher Block Chaining), 405

CFB (Cipher Feedback), 405

CTR (Counter), 405

ECB (Electronic Codebook), 405

OFB (Output Feedback), 405

design reviews, 181, 395

destination metric protocol, 84

destruction of data, 32, 43, 208, 282, 335,

391, 419, 440, 452

detective control, 4, 445

deterrent control, 4, 441

device fingerprinting, 418

DevOps model, 225, 403, 446

components, 416

dial-up users, 280

diameter, 368

dictionary attacks, 105, 358, 360

diddling attacks, 239

differential backups, 158, 295, 447, 448

cut and paste, virtual machines, 97
CVE (Common Vulnerability and Exposure),
149, 302, 372, 374, 378, 380, 383, 452
CVSS (Common Vulnerability Scoring
System), 377, 435
CWE (Common Weaknesses Enumeration),
378
CWR (Congestion Window Reduced), 434

D

DAA (designated approving authority), 74
DAC (discretionary access control), 361,
363, 449
DAC schemes, versus MAC schemes, 113
darknet, 156, 383, 409, 445
DARPA TCP/IP model, 89, 351
data
destruction, 32, 43, 282, 392, 419,
440, 452
removal, 34
responsibility, 39
data at large, 334
data at rest, 31, 32–33, 45, 48, 223, 329,
330
data breaches, 3, 318, 326, 330, 337
data center location, 293
data custodian, 321
data diddling attacks, 239
data elements, 331
data in motion, 49
data in transit, 39, 223, 333
data in use, 334
data permanence, 330
data portability, 336
data remanence, 328, 449, 450
data removal, 30
data retention, 28, 328
data streams, 95, 354, 429, 454
databases, 182, 190, 261
ACID model, 196
concurrency, 198
DynamoDB, 189