[CCCure CISSP] CISSPstudy Digest, Vol 20, Issue 1
gerritsjs
gerritsjs at gmail.com
Wed Feb 10 19:09:01 EST 2010
What are we talking about?
-----Original Message-----
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
On Behalf Of twitwicki at hannaford.com
Sent: Wednesday, February 10, 2010 11:23 AM
To: cisspstudy at cccure.org
Subject: Re: [CCCure CISSP] CISSPstudy Digest, Vol 20, Issue 1
Shibin,
I have both versions. There is a new and useful glossary in V5 and a
new appendix describing an emerging vulnerability standard which doesn't
seem like it would be included in the exam. Other than these two, I wasn't
able to easily see what had been added or enhanced which might be reflected
on the exam. I did look at the Common Criteria (EAL1-7) in detail because
it seems like there is increasing adoption of this over the TCSEC Oragne
Book, but I couldn't see any difference in the treatment.
Tom Witwicki, CIPP
Director, Information Security
Hannaford Bros. Co.
207-885-2073
Join me on Linkedin!
http://www.linkedin.com/in/tomwitwicki
cisspstudy-reques
t at cccure.org
Sent by: To
cisspstudy-bounce cisspstudy at cccure.org
s at cccure.org cc
Subject
02/10/2010 01:00 CISSPstudy Digest, Vol 20, Issue 1
PM
Please respond to
cisspstudy at cccure
.org
Send CISSPstudy mailing list submissions to
cisspstudy at cccure.org
To subscribe or unsubscribe via the World Wide Web, visit
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
or, via email, send a message with subject or body 'help' to
cisspstudy-request at cccure.org
You can reach the person managing the list at
cisspstudy-owner at cccure.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of CISSPstudy digest..."
Today's Topics:
1. Re: cisspstudy Digest, Vol 19, Issue 23 (Shibin Thomas)
----------------------------------------------------------------------
Message: 1
Date: Wed, 10 Feb 2010 22:00:17 +0400
From: Shibin Thomas <shibinthomas at gmail.com>
To: cisspstudy at cccure.org
Subject: Re: [CCCure CISSP] cisspstudy Digest, Vol 19, Issue 23
Message-ID:
<4c1695c81002101000t58d5052s2d2c9ae25238b0a7 at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi All,
Is there any change the topics because of new release of books.
Regards
Shibin
On Thu, Jan 21, 2010 at 9:00 PM, <cisspstudy-request at cccure.org> wrote:
> Send cisspstudy mailing list submissions to
> cisspstudy at cccure.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> or, via email, send a message with subject or body 'help' to
> cisspstudy-request at cccure.org
>
> You can reach the person managing the list at
> cisspstudy-owner at cccure.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of cisspstudy digest..."
>
>
> Today's Topics:
>
> 1. Re: cisspstudy Digest, Vol 19, Issue 18 (Holland, Brandon)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 20 Jan 2010 14:06:11 -0600
> From: "Holland, Brandon" <hollandb at frmaint.com>
> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
> Message-ID:
> <58B3233454132D468C5F0D655003DA6410F891EA at MAIL.frmaint.com>
> Content-Type: text/plain; charset="us-ascii"
>
> That's what stinks about a lot of these questions... because you can
> understand everything there is to know about the keys and types of keys
> and still can miss it because you didn't know how the question author
> wanted you to interpret the question... but this is great is at least
> whether or not u get this question wrong, it will help to concrete the
> underlying concepts in your head (the actual important thing, much
> better than getting a question right on a test)
>
> Saying all this, I think this is a little over-blown... over
> analyzed... I think the author put "fully" not for you to ensure you
> count the same key each time it's used, but to make sure you really know
> asymmetric and don't use the symmetric key formula on it instead... you
> only need 20 keys in total to fully communicate to every person, no
> matter how many times those keys are used. Also, it says how many keys
> are 'required' not how many times they are 'used'
>
>
>
> -----Original Message-----
> From: cisspstudy-bounces at cccure.org
> [mailto:cisspstudy-bounces at cccure.org] On Behalf Of gerritsjs
> Sent: Wednesday, January 20, 2010 12:07 PM
> To: 'The CISSP Study Mailing list'
> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
>
> Tom;
>
> Let us put it in perspective. Let us assume that you have made two
> keys
> to your house (i.e one public key and one private key).... that is two.
> You
> plan to take a vacation for nine/ten days. You have asked 9 friends of
> yours
> to watch the house, while you are away. You have given your public key
> to a
> trusted entity (i.e., your aunt/uncle) and told her that you have
> identified
> 9 friends to watch your house while you are away and that she is to
> provide
> your friends with the public key to your house.
>
> To use the asymmetric logic, the trusted entity must not duplicate the
> key
> and that the "trusted" person who is responsible for watching the house
> returns the key to the trusted entity upon completion of his/her watch,
> so
> that the next "trusted" person can obtain the key and watch the house
> for
> you. Using this logic, I agree that the number of keys is still 2.
>
> When reading the question, it appears that each of your 9 friends has
> the
> key to your house (even though they are duplicates), while you are away.
> And that, let us say, your condo is in New York and that your friends
> are
> scattered throughout the United States, and you entrusted them with your
> condo of $2 Million in New York. That is, your friends are in Chicago,
> Washington D.C., Ann Arbor, Dallas, Miami, etc. The trusted entity is
> in
> Los Angeles. Question: Is the asymmetric logic still applicable?
>
> jonus
>
>
> -----Original Message-----
> From: cisspstudy-bounces at cccure.org
> [mailto:cisspstudy-bounces at cccure.org]
> On Behalf Of twitwicki at hannaford.com
> Sent: Wednesday, January 20, 2010 6:20 AM
> To: cisspstudy at cccure.org
> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
>
>
>
> Janus,
>
> Thank you for adding your explanation of the question. I can see the
> logic
> and your formula makes it easy to understand, but should the public keys
> be
> counted as separate for each participant? Aren't they really just the
> same
> public key used by the 10 participants? The fact that Asymmetric
> encryption is described as more scalable than symmetric also points to
> this. If the were a symmetric case, the keys needed would be 45 .
> There
> is a also an example in the ISC2 guide which supports the approach which
> leads to the answer of 20.
>
> Tom Witwicki, CIPP
> Director, Information Security
> Hannaford Bros. Co.
> 207-885-2073
>
> Join me on Linkedin!
> http://www.linkedin.com/in/tomwitwicki
>
>
>
>
>
>
>
>
> cisspstudy-reques
>
> t at cccure.org
>
> Sent by:
> To
> cisspstudy-bounce cisspstudy at cccure.org
>
> s at cccure.org
> cc
>
>
>
> Subject
> 01/19/2010 05:53 cisspstudy Digest, Vol 19, Issue
> 18
> PM
>
>
>
>
>
> Please respond to
>
> cisspstudy at cccure
>
> .org
>
>
>
>
>
>
>
>
>
> Send cisspstudy mailing list submissions to
> cisspstudy at cccure.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> or, via email, send a message with subject or body 'help' to
> cisspstudy-request at cccure.org
>
> You can reach the person managing the list at
> cisspstudy-owner at cccure.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of cisspstudy digest..."
>
>
> Today's Topics:
>
> 1. Re: cisspstudy Digest, Vol 19, Issue 16 (gerritsjs)
> 2. Re: cisspstudy Digest, Vol 19, Issue 16 (Saurabh Bhargava)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 19 Jan 2010 14:02:56 -0800
> From: "gerritsjs" <gerritsjs at gmail.com>
> To: "'The CISSP Study Mailing list'" <cisspstudy at cccure.org>,
> "'Nimal
> Gunarathna'" <ng949 at yahoo.com>
> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> Message-ID: <4b562c14.0c07560a.29a4.ffffa51a at mx.google.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Nimal, Tom;
>
> The question is "fully" communicated. Within a community of 10 users,
> each user will have one private key. So we have 10 private keys.
> Public
> keys are as follows:
> For each user, there are 10 public keys. 10 users imply 100 public
> keys.
> This makes a total of 110 keys.
>
> Think of a Mesh Technology.
>
> Jonus
>
> -----Original Message-----
> From: cisspstudy-bounces at cccure.org
> [mailto:cisspstudy-bounces at cccure.org]
> On Behalf Of twitwicki at hannaford.com
> Sent: Tuesday, January 19, 2010 1:23 PM
> To: Nimal Gunarathna
> Cc: cisspstudy at cccure.org
> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
>
>
>
> Hi Nimal,
> I followed the same logic as you on this question. In order to
> get
> to the 110 answer each public key would have to be counted each time
> it's
> used which doesn't make sense. I've come across other examples from
> this
> book that are very questionable, which leads me to believe that the
> questions and answers have not been thouroughly vetted. Thank you for
> the
> reply.
>
> Tom Witwicki, CIPP
> Director, Information Security
> Hannaford Bros. Co.
> 207-885-2073
>
> Join me on Linkedin!
> http://www.linkedin.com/in/tomwitwicki
>
>
>
>
>
>
>
> Nimal Gunarathna
> <ng949 at yahoo.com>
>
> To
> 01/19/2010 04:07 cisspstudy at cccure.org
> PM
> cc
> twitwicki at hannaford.com
>
> Subject
> Re: cisspstudy Digest, Vol 19,
> Issue 16
>
>
>
>
>
>
>
>
>
>
>
> Hi Tom,
>
>
> This question puzzles me..
>
> In an asymmetric system how many keys are required for 10 users to
> fully
>
> communicate?
>
>
> Every user has a one private and a one public key. I can send my same
>
> public
>
> key to all others. For 10 people, 20 keys are needed.. I am not sure
> how
>
> 110 come from?
>
> Is this a private com session or just a different comm session with
> each
>
> pair?
>
>
> Thanks,
>
>
> Nimal Gunarathna
>
>
>
>
> --- On Tue, 1/19/10, cisspstudy-request at cccure.org
>
> <cisspstudy-request at cccure.org> wrote:
>
>
> From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
>
> Subject: cisspstudy Digest, Vol 19, Issue 16
>
> To: cisspstudy at cccure.org
>
> Date: Tuesday, January 19, 2010, 11:00 AM
>
>
> Send cisspstudy mailing list submissions to
>
> cisspstudy at cccure.org
>
>
> To subscribe or unsubscribe via the World Wide Web, visit
>
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
> or, via email, send a message with subject or body 'help' to
>
> cisspstudy-request at cccure.org
>
>
> You can reach the person managing the list at
>
> cisspstudy-owner at cccure.org
>
>
> When replying, please edit your Subject line so it is more specific
>
> than "Re: Contents of cisspstudy digest..."
>
>
>
> Today's Topics:
>
>
> 1. cisspstudy - Cryptography questions (twitwicki at hannaford.com)
>
> 2. Re: New to CISSP Cert (Mark Price)
>
> 3. Re: New to CISSP Cert (jack wang)
>
> 4. Re: New to CISSP Cert (Jeronimo Zucco)
>
>
>
> ----------------------------------------------------------------------
>
>
> Message: 1
>
> Date: Mon, 18 Jan 2010 14:48:26 -0500
>
> From: twitwicki at hannaford.com
>
> To: cisspstudy at cccure.org
>
> Subject: [Cisspstudy] cisspstudy - Cryptography questions
>
> Message-ID:
>
> <
>
>
> OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CCD97 at hannaford.com>
>
>
> Content-Type: text/plain; charset=US-ASCII
>
>
>
>
> Hello all,
>
> I'd like your thoughts on these questions from Michael Gregg's
>
> CISSP
>
> Practice questions:
>
>
> In an asymmetric system how many keys are required for 10 users to
> fully
>
> communicate?
>
>
> A. 10
>
> B. 20
>
> C. 45
>
> D 110
>
>
> The answer states D. 110 - "Each user would have his private, phus
> his
>
> public key, plus each of the nine other public keys"
>
> Shouldn't the answer be B. 20 because the public keys is only couned
>
> once
>
> for each private/public pair? This also seems consistent with the
>
> formula
>
> for symmetric keys: N(N-1)/2 where N is the number of users needing to
>
> communicate. In this case the secret key is only counted once even if
>
> it's
>
> shared between users.
>
>
>
> Here's another question that has me puzzled:
>
>
> Which cryptographic system can be used for integrity, authenticity and
>
> non-repudiation?
>
>
> A. Asymmetric encryption
>
> B. Symmetric encryption
>
> C. Hashing
>
> D. None of the above
>
>
> The answers states A. Asymmetric. Shouldn't the answer be D. None of
> the
>
> above because Hashing is needed for integrity?
>
>
> Your thoughts will be much appreciated.
>
>
>
> Tom Witwicki, CIPP
>
> Director, Information Security
>
> Hannaford Bros. Co.
>
> 207-885-2073
>
>
> Join me on Linkedin!
>
> http://www.linkedin.com/in/tomwitwicki
>
>
>
>
>
>
>
>
> ------------------------------
>
>
> Message: 2
>
> Date: Mon, 18 Jan 2010 21:47:45 +0000
>
> From: "Mark Price" <prinext at gmail.com>
>
> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
>
> Subject: Re: [Cisspstudy] New to CISSP Cert
>
> Message-ID:
>
> <
>
>
> 1180962559-1263851266-cardhu_decombobulator_blackberry.rim.net-147941822
> -
>
> @bda153.bisx.prod.on.blackberry>
>
>
> Content-Type: text/plain
>
>
> I have heard each edition is an update of the previous plus more of
> the
>
> latest technology and or standards.
>
> I have the 4th and the DVD set, they plus cccure.org worked for me.
>
> V/r,
>
>
> Mark Price
>
> PRINEXT
>
> c:240-743-7654
>
> mprice at prinext.com
>
> www.prinext.com
>
>
> -----Original Message-----
>
> From: Cert Prep <bugtraq.mailbox at gmail.com>
>
> Date: Mon, 18 Jan 2010 13:22:40
>
> To: The CISSP Study Mailing list<cisspstudy at cccure.org>
>
> Subject: Re: [Cisspstudy] New to CISSP Cert
>
>
> Thanks Jeronimo. I will listen to it.
>
>
> I have Shon Harris Second Edition which I bought many years back. I
>
> have heard that 5th edition is about to come. Is it ok to prepare from
>
> second edition until 5th edition is out? Does anybody know the
>
> differences between 2nd and 4th? I am sure there will be many but are
>
> those drastic to the extent that I will have to revise the stuff,
>
> which I have already gone through using second edition, from 5th
>
> edition once it is published?
>
>
> Any help would be appreciated.
>
>
> Thanks.
>
> Adam
>
>
> On Mon, Jan 18, 2010 at 12:51 PM, Jeronimo Zucco <jczucco at gmail.com>
>
> wrote:
>
> > 2010/1/18 Cert Prep <bugtraq.mailbox at gmail.com>:
>
> >> Hi Folks,
>
> >>
>
> >> I am planning to prepare for CISSP Cert and would like to know
> which
>
> >> book or material is best for the preparations.
>
> >
>
> >
>
> > http://www.cccure.org/flash/intro/player.html
>
> >
>
> >
>
> >
>
> > --
>
> > Jeronimo Zucco
>
> > http://jczucco.blogspot.com
>
> >
>
> > _______________________________________________
>
> > cisspstudy mailing list
>
> > cisspstudy at cccure.org
>
> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
> >
>
>
> _______________________________________________
>
> cisspstudy mailing list
>
> cisspstudy at cccure.org
>
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
> ------------------------------
>
>
> Message: 3
>
> Date: Tue, 19 Jan 2010 20:05:00 +0800
>
> From: jack wang <windjie at gmail.com>
>
> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>
> Subject: Re: [Cisspstudy] New to CISSP Cert
>
> Message-ID:
>
> <3c43566f1001190405t2bfd204as4a953dd160a5b92b at mail.gmail.com>
>
> Content-Type: text/plain; charset="iso-8859-1"
>
>
> Shon Harris Second Edition,plus www.cccure.org,they are enough
>
> -------------- next part --------------
>
> An HTML attachment was scrubbed...
>
> URL: <
>
>
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/0
> d
>
> 0b7b8f/attachment-0001.html>
>
>
> ------------------------------
>
>
> Message: 4
>
> Date: Tue, 19 Jan 2010 10:34:19 -0200
>
> From: Jeronimo Zucco <jczucco at gmail.com>
>
> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>
> Subject: Re: [Cisspstudy] New to CISSP Cert
>
> Message-ID:
>
> <2d6b298c1001190434i6f1eb72ct1157b63b80fe9301 at mail.gmail.com>
>
> Content-Type: text/plain; charset=ISO-8859-1
>
>
> All-in_one edition 5:
>
>
>
> http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2
> ?
>
> ie=UTF8&s=books&qid=1263898897&sr=8-2
>
>
> I always recommend the last edition, because of updates and
>
> corretions. Or you can read all erratas for your edition.
>
>
> 2010/1/19 jack wang <windjie at gmail.com>:
>
> > ?Shon Harris Second Edition,plus www.cccure.org,they are enough
>
> >
>
>
>
> --
>
> Jeronimo Zucco
>
> http://jczucco.blogspot.com
>
>
>
>
> ------------------------------
>
>
> _______________________________________________
>
> cisspstudy mailing list
>
> cisspstudy at cccure.org
>
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
>
> End of cisspstudy Digest, Vol 19, Issue 16
>
> ******************************************
>
>
>
>
>
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 20 Jan 2010 04:23:33 +0530 (IST)
> From: Saurabh Bhargava <catchbhargava at yahoo.com>
> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> Message-ID: <804072.93709.qm at web94803.mail.in2.yahoo.com>
> Content-Type: text/plain; charset="utf-8"
>
> Jonus, here is the catch.
>
> you say " For each user, there are 10 public keys. 10 users imply 100
> public keys" - but ALL these public keys are the same for all 10 users,
> they aren't different so 10 users still will imply 10 Public keys , even
> though author says "fully" communicate/Mesh technology.
>
> Tom, I would select the answers you've chosen for both the questions.
>
> Cheers, SB
>
>
>
> ________________________________
> From: gerritsjs <gerritsjs at gmail.com>
> To: The CISSP Study Mailing list <cisspstudy at cccure.org>; Nimal
> Gunarathna
> <ng949 at yahoo.com>
> Sent: Tue, 19 January, 2010 22:02:56
> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
>
> Nimal, Tom;
>
> The question is "fully" communicated. Within a community of 10 users,
> each user will have one private key. So we have 10 private keys.
> Public
> keys are as follows:
> For each user, there are 10 public keys. 10 users imply 100 public
> keys.
> This makes a total of 110 keys.
>
> Think of a Mesh Technology.
>
> Jonus
>
> -----Original Message-----
> From: cisspstudy-bounces at cccure.org
> [mailto:cisspstudy-bounces at cccure.org]
> On Behalf Of twitwicki at hannaford.com
> Sent: Tuesday, January 19, 2010 1:23 PM
> To: Nimal Gunarathna
> Cc: cisspstudy at cccure.org
> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
>
>
>
> Hi Nimal,
> I followed the same logic as you on this question. In order to
> get
> to the 110 answer each public key would have to be counted each time
> it's
> used which doesn't make sense. I've come across other examples from
> this
> book that are very questionable, which leads me to believe that the
> questions and answers have not been thouroughly vetted. Thank you for
> the
> reply.
>
> Tom Witwicki, CIPP
> Director, Information Security
> Hannaford Bros. Co.
> 207-885-2073
>
> Join me on Linkedin!
> http://www.linkedin.com/in/tomwitwicki
>
>
>
>
>
>
>
> Nimal Gunarathna
> <ng949 at yahoo.com>
>
> To
> 01/19/2010 04:07 cisspstudy at cccure.org
> PM
> cc
> twitwicki at hannaford.com
>
> Subject
> Re: cisspstudy Digest, Vol 19,
> Issue 16
>
>
>
>
>
>
>
>
>
>
>
> Hi Tom,
>
> This question puzzles me..
> In an asymmetric system how many keys are required for 10 users to fully
> communicate?
>
> Every user has a one private and a one public key. I can send my same
> public
> key to all others. For 10 people, 20 keys are needed.. I am not sure how
> 110 come from?
> Is this a private com session or just a different comm session with each
> pair?
>
> Thanks,
>
> Nimal Gunarathna
>
>
>
> --- On Tue, 1/19/10, cisspstudy-request at cccure.org
> <cisspstudy-request at cccure.org> wrote:
>
> From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
> Subject: cisspstudy Digest, Vol 19, Issue 16
>
> To: cisspstudy at cccure.org
> Date: Tuesday, January 19, 2010, 11:00 AM
>
> Send cisspstudy mailing list submissions to
> cisspstudy at cccure.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
> or, via email, send a message with subject or body 'help' to
>
> cisspstudy-request at cccure.org
>
> You can reach the person managing the list at
> cisspstudy-owner at cccure.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of cisspstudy digest..."
>
>
> Today's Topics:
>
> 1. cisspstudy - Cryptography questions (twitwicki at hannaford.com)
>
> 2. Re: New to CISSP Cert (Mark Price)
>
> 3. Re: New to CISSP Cert (jack wang)
> 4. Re: New to CISSP Cert (Jeronimo Zucco)
>
>
>
> ----------------------------------------------------------------------
>
>
> Message: 1
>
> Date: Mon, 18 Jan 2010 14:48:26 -0500
> From: twitwicki at hannaford.com
> To: cisspstudy at cccure.org
> Subject: [Cisspstudy] cisspstudy - Cryptography questions
>
> Message-ID:
> <
>
> OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CCD97 at hannaford.com>
>
>
> Content-Type: text/plain; charset=US-ASCII
>
>
>
>
> Hello all,
>
> I'd like your thoughts on these questions from Michael Gregg's
>
> CISSP
> Practice questions:
>
> In an asymmetric system how many keys are required for 10 users to
> fully
>
> communicate?
>
>
> A. 10
> B. 20
> C. 45
> D 110
>
> The answer states D. 110 - "Each user would have his private, phus
> his
> public key, plus each of the nine other public keys"
>
> Shouldn't the answer be B. 20 because the public keys is only couned
> once
>
> for each private/public pair? This also seems consistent with the
>
> formula
> for symmetric keys: N(N-1)/2 where N is the number of users needing to
>
> communicate. In this case the secret key is only counted once even if
>
> it's
>
> shared between users.
>
>
> Here's another question that has me puzzled:
>
>
> Which cryptographic system can be used for integrity, authenticity and
>
> non-repudiation?
>
>
> A. Asymmetric encryption
>
> B. Symmetric encryption
>
> C. Hashing
>
> D. None of the above
>
>
> The answers states A. Asymmetric. Shouldn't the answer be D. None of
> the
>
> above because Hashing is needed for integrity?
>
>
> Your thoughts will be much appreciated.
>
>
> Tom Witwicki, CIPP
>
> Director, Information Security
>
> Hannaford Bros. Co.
> 207-885-2073
>
>
> Join me on Linkedin!
>
> http://www.linkedin.com/in/tomwitwicki
>
>
>
>
>
>
>
>
> ------------------------------
>
>
> Message: 2
>
> Date: Mon, 18 Jan 2010 21:47:45 +0000
> From: "Mark Price" <prinext at gmail.com>
>
> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
>
> Subject: Re: [Cisspstudy] New to CISSP Cert
> Message-ID:
> <
>
> 1180962559-1263851266-cardhu_decombobulator_blackberry.rim.net-147941822
> -
>
> @bda153.bisx.prod.on.blackberry>
>
>
> Content-Type: text/plain
>
>
> I have heard each edition is an update of the previous plus more of
> the
> latest technology and or standards.
> I have the 4th and the DVD set, they plus cccure.org worked for me.
> V/r,
>
>
> Mark Price
>
> PRINEXT
> c:240-743-7654
>
> mprice at prinext.com
>
> www.prinext.com
>
> -----Original Message-----
>
> From: Cert Prep <bugtraq.mailbox at gmail.com>
> Date: Mon, 18 Jan 2010 13:22:40
> To: The CISSP Study Mailing list<cisspstudy at cccure.org>
> Subject: Re: [Cisspstudy] New to CISSP Cert
>
> Thanks Jeronimo. I will listen to it.
>
> I have Shon Harris Second Edition which I bought many years back. I
> have heard that 5th edition is about to come. Is it ok to prepare from
>
> second edition until 5th edition is out? Does anybody know the
>
> differences between 2nd and 4th? I am sure there will be many but are
> those drastic to the extent that I will have to revise the stuff,
> which I have already gone through using second edition, from 5th
>
> edition once it is published?
>
> Any help would be appreciated.
>
>
> Thanks.
> Adam
>
>
> On Mon, Jan 18, 2010 at 12:51 PM, Jeronimo Zucco <jczucco at gmail.com>
>
> wrote:
>
> > 2010/1/18 Cert Prep <bugtraq.mailbox at gmail.com>:
>
> >> Hi Folks,
>
> >>
>
> >> I am planning to prepare for CISSP Cert and would like to know
> which
> >> book or material is best for the preparations.
> >
> >
> > http://www.cccure.org/flash/intro/player.html
> >
> >
> >
> > --
>
> > Jeronimo Zucco
>
> > http://jczucco.blogspot.com
> >
> > _______________________________________________
> > cisspstudy mailing list
> > cisspstudy at cccure.org
> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
> >
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
> ------------------------------
>
>
> Message: 3
>
> Date: Tue, 19 Jan 2010 20:05:00 +0800
> From: jack wang <windjie at gmail.com>
> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>
> Subject: Re: [Cisspstudy] New to CISSP Cert
> Message-ID:
> <3c43566f1001190405t2bfd204as4a953dd160a5b92b at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
>
> Shon Harris Second Edition,plus www.cccure.org,they are enough
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> URL: <
>
>
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/0
> d
>
> 0b7b8f/attachment-0001.html>
>
>
> ------------------------------
>
>
> Message: 4
>
> Date: Tue, 19 Jan 2010 10:34:19 -0200
> From: Jeronimo Zucco <jczucco at gmail.com>
>
> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>
> Subject: Re: [Cisspstudy] New to CISSP Cert
> Message-ID:
> <2d6b298c1001190434i6f1eb72ct1157b63b80fe9301 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
>
> All-in_one edition 5:
>
>
> http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2
> ?
>
> ie=UTF8&s=books&qid=1263898897&sr=8-2
>
> I always recommend the last edition, because of updates and
> corretions. Or you can read all erratas for your edition.
>
> 2010/1/19 jack wang <windjie at gmail.com>:
>
> > ?Shon Harris Second Edition,plus www.cccure.org,they are enough
> >
>
>
> --
>
> Jeronimo Zucco
>
> http://jczucco.blogspot.com
>
>
>
> ------------------------------
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
>
> End of cisspstudy Digest, Vol 19, Issue 16
>
> ******************************************
>
>
>
>
>
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100120/6
> b681
> 638/attachment.html
> >
>
> ------------------------------
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
> End of cisspstudy Digest, Vol 19, Issue 18
> ******************************************
>
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
>
> ------------------------------
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
> End of cisspstudy Digest, Vol 19, Issue 23
> ******************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <
http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100210/a7d6f
5b7/attachment.html
>
------------------------------
_______________________________________________
CISSPstudy mailing list
CISSPstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
End of CISSPstudy Digest, Vol 20, Issue 1
*****************************************
_______________________________________________
CISSPstudy mailing list
CISSPstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
More information about the CISSPstudy
mailing list