Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

ISC2 Exam CSSLP Topic 8 Question 73 Discussion

Actual exam question for ISC2's CSSLP exam
Question #: 73
Topic #: 8
[All CSSLP Questions]

Which of the following security controls works as the totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination of which is responsible for enforcing a security policy?

Show Suggested Answer Hide Answer
Suggested Answer: A, C, D

The security challenges for DRM are as follows:

Key hiding: It prevents tampering attacks that target the secret keys. In the key hiding process, secret keys are used for

authentication, encryption, and node-locking.

Device fingerprinting: It prevents fraud and provides secure authentication. Device fingerprinting includes the summary of hardware

and software characteristics in order to uniquely identify a device.

OTA provisioning: It provides end-to-end encryption or other secure ways for delivery of copyrighted software to mobile devices.

Answer B is incorrect. Access control is not a security challenge for DRM.


by Chauncey at Aug 30, 2023, 09:09 PM

Limited Time Offer

25%

Off

Get Premium CSSLP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Dottie
2 hours ago
C is the way to go. The other options are just pieces of the puzzle, but the TCB is the security powerhouse that rules them all!
upvoted 0 times
...
Twana
5 days ago
Hmm, I was torn between B and C, but I think C is the better choice. The trusted computing base is the real deal when it comes to system-wide security.
upvoted 0 times
...
Ammie
14 days ago
I'm going with C as well. The other options seem more like specific security protocols or interfaces, not the comprehensive security framework.
upvoted 0 times
...
Vallie
16 days ago
C) Trusted computing base (TCB) sounds like the right answer here. It's the whole package that enforces security policy.
upvoted 0 times
...
Alease
18 days ago
I'm not sure, but I think A) Common data security architecture (CDSA) could also be a possible answer.
upvoted 0 times
...
Mickie
20 days ago
I agree with Sherell. TCB is the totality of protection mechanisms within a computer system.
upvoted 0 times
...
Sherell
23 days ago
I think the answer is C) Trusted computing base (TCB). It makes sense because it encompasses all protection mechanisms.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77