[CCCure CISSP] cisspstudy Digest, Vol 19, Issue 23
Clement Dupuis
clement.dupuis at cccure.com
Wed Feb 10 21:43:17 EST 2010
Good day,
No need to get worried yet.
There hasn't been any major changes to the exam.
Take care
Clement
]
On Wed, Feb 10, 2010 at 13:00, Shibin Thomas <shibinthomas at gmail.com> wrote:
> Hi All,
>
> Is there any change the topics because of new release of books.
>
> Regards
>
>
> Shibin
>
> On Thu, Jan 21, 2010 at 9:00 PM, <cisspstudy-request at cccure.org> wrote:
>
>> Send cisspstudy mailing list submissions to
>> cisspstudy at cccure.org
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>> or, via email, send a message with subject or body 'help' to
>> cisspstudy-request at cccure.org
>>
>> You can reach the person managing the list at
>> cisspstudy-owner at cccure.org
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of cisspstudy digest..."
>>
>>
>> Today's Topics:
>>
>> 1. Re: cisspstudy Digest, Vol 19, Issue 18 (Holland, Brandon)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Wed, 20 Jan 2010 14:06:11 -0600
>> From: "Holland, Brandon" <hollandb at frmaint.com>
>> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
>> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
>> Message-ID:
>> <58B3233454132D468C5F0D655003DA6410F891EA at MAIL.frmaint.com>
>> Content-Type: text/plain; charset="us-ascii"
>>
>> That's what stinks about a lot of these questions... because you can
>> understand everything there is to know about the keys and types of keys
>> and still can miss it because you didn't know how the question author
>> wanted you to interpret the question... but this is great is at least
>> whether or not u get this question wrong, it will help to concrete the
>> underlying concepts in your head (the actual important thing, much
>> better than getting a question right on a test)
>>
>> Saying all this, I think this is a little over-blown... over
>> analyzed... I think the author put "fully" not for you to ensure you
>> count the same key each time it's used, but to make sure you really know
>> asymmetric and don't use the symmetric key formula on it instead... you
>> only need 20 keys in total to fully communicate to every person, no
>> matter how many times those keys are used. Also, it says how many keys
>> are 'required' not how many times they are 'used'
>>
>>
>>
>> -----Original Message-----
>> From: cisspstudy-bounces at cccure.org
>> [mailto:cisspstudy-bounces at cccure.org] On Behalf Of gerritsjs
>> Sent: Wednesday, January 20, 2010 12:07 PM
>> To: 'The CISSP Study Mailing list'
>> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
>>
>> Tom;
>>
>> Let us put it in perspective. Let us assume that you have made two
>> keys
>> to your house (i.e one public key and one private key).... that is two.
>> You
>> plan to take a vacation for nine/ten days. You have asked 9 friends of
>> yours
>> to watch the house, while you are away. You have given your public key
>> to a
>> trusted entity (i.e., your aunt/uncle) and told her that you have
>> identified
>> 9 friends to watch your house while you are away and that she is to
>> provide
>> your friends with the public key to your house.
>>
>> To use the asymmetric logic, the trusted entity must not duplicate the
>> key
>> and that the "trusted" person who is responsible for watching the house
>> returns the key to the trusted entity upon completion of his/her watch,
>> so
>> that the next "trusted" person can obtain the key and watch the house
>> for
>> you. Using this logic, I agree that the number of keys is still 2.
>>
>> When reading the question, it appears that each of your 9 friends has
>> the
>> key to your house (even though they are duplicates), while you are away.
>> And that, let us say, your condo is in New York and that your friends
>> are
>> scattered throughout the United States, and you entrusted them with your
>> condo of $2 Million in New York. That is, your friends are in Chicago,
>> Washington D.C., Ann Arbor, Dallas, Miami, etc. The trusted entity is
>> in
>> Los Angeles. Question: Is the asymmetric logic still applicable?
>>
>> jonus
>>
>>
>> -----Original Message-----
>> From: cisspstudy-bounces at cccure.org
>> [mailto:cisspstudy-bounces at cccure.org]
>> On Behalf Of twitwicki at hannaford.com
>> Sent: Wednesday, January 20, 2010 6:20 AM
>> To: cisspstudy at cccure.org
>> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
>>
>>
>>
>> Janus,
>>
>> Thank you for adding your explanation of the question. I can see the
>> logic
>> and your formula makes it easy to understand, but should the public keys
>> be
>> counted as separate for each participant? Aren't they really just the
>> same
>> public key used by the 10 participants? The fact that Asymmetric
>> encryption is described as more scalable than symmetric also points to
>> this. If the were a symmetric case, the keys needed would be 45 .
>> There
>> is a also an example in the ISC2 guide which supports the approach which
>> leads to the answer of 20.
>>
>> Tom Witwicki, CIPP
>> Director, Information Security
>> Hannaford Bros. Co.
>> 207-885-2073
>>
>> Join me on Linkedin!
>> http://www.linkedin.com/in/tomwitwicki
>>
>>
>>
>>
>>
>>
>>
>>
>> cisspstudy-reques
>>
>> t at cccure.org
>>
>> Sent by:
>> To
>> cisspstudy-bounce cisspstudy at cccure.org
>>
>> s at cccure.org
>> cc
>>
>>
>>
>> Subject
>> 01/19/2010 05:53 cisspstudy Digest, Vol 19, Issue
>> 18
>> PM
>>
>>
>>
>>
>>
>> Please respond to
>>
>> cisspstudy at cccure
>>
>> .org
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Send cisspstudy mailing list submissions to
>> cisspstudy at cccure.org
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>> or, via email, send a message with subject or body 'help' to
>> cisspstudy-request at cccure.org
>>
>> You can reach the person managing the list at
>> cisspstudy-owner at cccure.org
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of cisspstudy digest..."
>>
>>
>> Today's Topics:
>>
>> 1. Re: cisspstudy Digest, Vol 19, Issue 16 (gerritsjs)
>> 2. Re: cisspstudy Digest, Vol 19, Issue 16 (Saurabh Bhargava)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Tue, 19 Jan 2010 14:02:56 -0800
>> From: "gerritsjs" <gerritsjs at gmail.com>
>> To: "'The CISSP Study Mailing list'" <cisspstudy at cccure.org>,
>> "'Nimal
>> Gunarathna'" <ng949 at yahoo.com>
>> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
>> Message-ID: <4b562c14.0c07560a.29a4.ffffa51a at mx.google.com>
>> Content-Type: text/plain; charset="us-ascii"
>>
>> Nimal, Tom;
>>
>> The question is "fully" communicated. Within a community of 10 users,
>> each user will have one private key. So we have 10 private keys.
>> Public
>> keys are as follows:
>> For each user, there are 10 public keys. 10 users imply 100 public
>> keys.
>> This makes a total of 110 keys.
>>
>> Think of a Mesh Technology.
>>
>> Jonus
>>
>> -----Original Message-----
>> From: cisspstudy-bounces at cccure.org
>> [mailto:cisspstudy-bounces at cccure.org]
>> On Behalf Of twitwicki at hannaford.com
>> Sent: Tuesday, January 19, 2010 1:23 PM
>> To: Nimal Gunarathna
>> Cc: cisspstudy at cccure.org
>> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
>>
>>
>>
>> Hi Nimal,
>> I followed the same logic as you on this question. In order to
>> get
>> to the 110 answer each public key would have to be counted each time
>> it's
>> used which doesn't make sense. I've come across other examples from
>> this
>> book that are very questionable, which leads me to believe that the
>> questions and answers have not been thouroughly vetted. Thank you for
>> the
>> reply.
>>
>> Tom Witwicki, CIPP
>> Director, Information Security
>> Hannaford Bros. Co.
>> 207-885-2073
>>
>> Join me on Linkedin!
>> http://www.linkedin.com/in/tomwitwicki
>>
>>
>>
>>
>>
>>
>>
>> Nimal Gunarathna
>> <ng949 at yahoo.com>
>>
>> To
>> 01/19/2010 04:07 cisspstudy at cccure.org
>> PM
>> cc
>> twitwicki at hannaford.com
>>
>> Subject
>> Re: cisspstudy Digest, Vol 19,
>> Issue 16
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Hi Tom,
>>
>>
>> This question puzzles me..
>>
>> In an asymmetric system how many keys are required for 10 users to
>> fully
>>
>> communicate?
>>
>>
>> Every user has a one private and a one public key. I can send my same
>>
>> public
>>
>> key to all others. For 10 people, 20 keys are needed.. I am not sure
>> how
>>
>> 110 come from?
>>
>> Is this a private com session or just a different comm session with
>> each
>>
>> pair?
>>
>>
>> Thanks,
>>
>>
>> Nimal Gunarathna
>>
>>
>>
>>
>> --- On Tue, 1/19/10, cisspstudy-request at cccure.org
>>
>> <cisspstudy-request at cccure.org> wrote:
>>
>>
>> From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
>>
>> Subject: cisspstudy Digest, Vol 19, Issue 16
>>
>> To: cisspstudy at cccure.org
>>
>> Date: Tuesday, January 19, 2010, 11:00 AM
>>
>>
>> Send cisspstudy mailing list submissions to
>>
>> cisspstudy at cccure.org
>>
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>>
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>> or, via email, send a message with subject or body 'help' to
>>
>> cisspstudy-request at cccure.org
>>
>>
>> You can reach the person managing the list at
>>
>> cisspstudy-owner at cccure.org
>>
>>
>> When replying, please edit your Subject line so it is more specific
>>
>> than "Re: Contents of cisspstudy digest..."
>>
>>
>>
>> Today's Topics:
>>
>>
>> 1. cisspstudy - Cryptography questions (twitwicki at hannaford.com)
>>
>> 2. Re: New to CISSP Cert (Mark Price)
>>
>> 3. Re: New to CISSP Cert (jack wang)
>>
>> 4. Re: New to CISSP Cert (Jeronimo Zucco)
>>
>>
>>
>> ----------------------------------------------------------------------
>>
>>
>> Message: 1
>>
>> Date: Mon, 18 Jan 2010 14:48:26 -0500
>>
>> From: twitwicki at hannaford.com
>>
>> To: cisspstudy at cccure.org
>>
>> Subject: [Cisspstudy] cisspstudy - Cryptography questions
>>
>> Message-ID:
>>
>> <
>>
>>
>> OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CCD97 at hannaford.com>
>>
>>
>> Content-Type: text/plain; charset=US-ASCII
>>
>>
>>
>>
>> Hello all,
>>
>> I'd like your thoughts on these questions from Michael Gregg's
>>
>> CISSP
>>
>> Practice questions:
>>
>>
>> In an asymmetric system how many keys are required for 10 users to
>> fully
>>
>> communicate?
>>
>>
>> A. 10
>>
>> B. 20
>>
>> C. 45
>>
>> D 110
>>
>>
>> The answer states D. 110 - "Each user would have his private, phus
>> his
>>
>> public key, plus each of the nine other public keys"
>>
>> Shouldn't the answer be B. 20 because the public keys is only couned
>>
>> once
>>
>> for each private/public pair? This also seems consistent with the
>>
>> formula
>>
>> for symmetric keys: N(N-1)/2 where N is the number of users needing to
>>
>> communicate. In this case the secret key is only counted once even if
>>
>> it's
>>
>> shared between users.
>>
>>
>>
>> Here's another question that has me puzzled:
>>
>>
>> Which cryptographic system can be used for integrity, authenticity and
>>
>> non-repudiation?
>>
>>
>> A. Asymmetric encryption
>>
>> B. Symmetric encryption
>>
>> C. Hashing
>>
>> D. None of the above
>>
>>
>> The answers states A. Asymmetric. Shouldn't the answer be D. None of
>> the
>>
>> above because Hashing is needed for integrity?
>>
>>
>> Your thoughts will be much appreciated.
>>
>>
>>
>> Tom Witwicki, CIPP
>>
>> Director, Information Security
>>
>> Hannaford Bros. Co.
>>
>> 207-885-2073
>>
>>
>> Join me on Linkedin!
>>
>> http://www.linkedin.com/in/tomwitwicki
>>
>>
>>
>>
>>
>>
>>
>>
>> ------------------------------
>>
>>
>> Message: 2
>>
>> Date: Mon, 18 Jan 2010 21:47:45 +0000
>>
>> From: "Mark Price" <prinext at gmail.com>
>>
>> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
>>
>> Subject: Re: [Cisspstudy] New to CISSP Cert
>>
>> Message-ID:
>>
>> <
>>
>>
>> 1180962559-1263851266-cardhu_decombobulator_blackberry.rim.net-147941822
>> -
>>
>> @bda153.bisx.prod.on.blackberry>
>>
>>
>> Content-Type: text/plain
>>
>>
>> I have heard each edition is an update of the previous plus more of
>> the
>>
>> latest technology and or standards.
>>
>> I have the 4th and the DVD set, they plus cccure.org worked for me.
>>
>> V/r,
>>
>>
>> Mark Price
>>
>> PRINEXT
>>
>> c:240-743-7654
>>
>> mprice at prinext.com
>>
>> www.prinext.com
>>
>>
>> -----Original Message-----
>>
>> From: Cert Prep <bugtraq.mailbox at gmail.com>
>>
>> Date: Mon, 18 Jan 2010 13:22:40
>>
>> To: The CISSP Study Mailing list<cisspstudy at cccure.org>
>>
>> Subject: Re: [Cisspstudy] New to CISSP Cert
>>
>>
>> Thanks Jeronimo. I will listen to it.
>>
>>
>> I have Shon Harris Second Edition which I bought many years back. I
>>
>> have heard that 5th edition is about to come. Is it ok to prepare from
>>
>> second edition until 5th edition is out? Does anybody know the
>>
>> differences between 2nd and 4th? I am sure there will be many but are
>>
>> those drastic to the extent that I will have to revise the stuff,
>>
>> which I have already gone through using second edition, from 5th
>>
>> edition once it is published?
>>
>>
>> Any help would be appreciated.
>>
>>
>> Thanks.
>>
>> Adam
>>
>>
>> On Mon, Jan 18, 2010 at 12:51 PM, Jeronimo Zucco <jczucco at gmail.com>
>>
>> wrote:
>>
>> > 2010/1/18 Cert Prep <bugtraq.mailbox at gmail.com>:
>>
>> >> Hi Folks,
>>
>> >>
>>
>> >> I am planning to prepare for CISSP Cert and would like to know
>> which
>>
>> >> book or material is best for the preparations.
>>
>> >
>>
>> >
>>
>> > http://www.cccure.org/flash/intro/player.html
>>
>> >
>>
>> >
>>
>> >
>>
>> > --
>>
>> > Jeronimo Zucco
>>
>> > http://jczucco.blogspot.com
>>
>> >
>>
>> > _______________________________________________
>>
>> > cisspstudy mailing list
>>
>> > cisspstudy at cccure.org
>>
>> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>> >
>>
>>
>> _______________________________________________
>>
>> cisspstudy mailing list
>>
>> cisspstudy at cccure.org
>>
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>> ------------------------------
>>
>>
>> Message: 3
>>
>> Date: Tue, 19 Jan 2010 20:05:00 +0800
>>
>> From: jack wang <windjie at gmail.com>
>>
>> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>>
>> Subject: Re: [Cisspstudy] New to CISSP Cert
>>
>> Message-ID:
>>
>> <3c43566f1001190405t2bfd204as4a953dd160a5b92b at mail.gmail.com>
>>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>>
>> Shon Harris Second Edition,plus www.cccure.org,they are enough
>>
>> -------------- next part --------------
>>
>> An HTML attachment was scrubbed...
>>
>> URL: <
>>
>>
>> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/0
>> d
>>
>> 0b7b8f/attachment-0001.html>
>>
>>
>> ------------------------------
>>
>>
>> Message: 4
>>
>> Date: Tue, 19 Jan 2010 10:34:19 -0200
>>
>> From: Jeronimo Zucco <jczucco at gmail.com>
>>
>> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>>
>> Subject: Re: [Cisspstudy] New to CISSP Cert
>>
>> Message-ID:
>>
>> <2d6b298c1001190434i6f1eb72ct1157b63b80fe9301 at mail.gmail.com>
>>
>> Content-Type: text/plain; charset=ISO-8859-1
>>
>>
>> All-in_one edition 5:
>>
>>
>>
>> http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2
>> ?
>>
>> ie=UTF8&s=books&qid=1263898897&sr=8-2
>>
>>
>> I always recommend the last edition, because of updates and
>>
>> corretions. Or you can read all erratas for your edition.
>>
>>
>> 2010/1/19 jack wang <windjie at gmail.com>:
>>
>> > ?Shon Harris Second Edition,plus www.cccure.org,they are enough
>>
>> >
>>
>>
>>
>> --
>>
>> Jeronimo Zucco
>>
>> http://jczucco.blogspot.com
>>
>>
>>
>>
>> ------------------------------
>>
>>
>> _______________________________________________
>>
>> cisspstudy mailing list
>>
>> cisspstudy at cccure.org
>>
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>>
>> End of cisspstudy Digest, Vol 19, Issue 16
>>
>> ******************************************
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>>
>>
>> ------------------------------
>>
>> Message: 2
>> Date: Wed, 20 Jan 2010 04:23:33 +0530 (IST)
>> From: Saurabh Bhargava <catchbhargava at yahoo.com>
>> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
>> Message-ID: <804072.93709.qm at web94803.mail.in2.yahoo.com>
>> Content-Type: text/plain; charset="utf-8"
>>
>> Jonus, here is the catch.
>>
>> you say " For each user, there are 10 public keys. 10 users imply 100
>> public keys" - but ALL these public keys are the same for all 10 users,
>> they aren't different so 10 users still will imply 10 Public keys , even
>> though author says "fully" communicate/Mesh technology.
>>
>> Tom, I would select the answers you've chosen for both the questions.
>>
>> Cheers, SB
>>
>>
>>
>> ________________________________
>> From: gerritsjs <gerritsjs at gmail.com>
>> To: The CISSP Study Mailing list <cisspstudy at cccure.org>; Nimal
>> Gunarathna
>> <ng949 at yahoo.com>
>> Sent: Tue, 19 January, 2010 22:02:56
>> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
>>
>> Nimal, Tom;
>>
>> The question is "fully" communicated. Within a community of 10 users,
>> each user will have one private key. So we have 10 private keys.
>> Public
>> keys are as follows:
>> For each user, there are 10 public keys. 10 users imply 100 public
>> keys.
>> This makes a total of 110 keys.
>>
>> Think of a Mesh Technology.
>>
>> Jonus
>>
>> -----Original Message-----
>> From: cisspstudy-bounces at cccure.org
>> [mailto:cisspstudy-bounces at cccure.org]
>> On Behalf Of twitwicki at hannaford.com
>> Sent: Tuesday, January 19, 2010 1:23 PM
>> To: Nimal Gunarathna
>> Cc: cisspstudy at cccure.org
>> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
>>
>>
>>
>> Hi Nimal,
>> I followed the same logic as you on this question. In order to
>> get
>> to the 110 answer each public key would have to be counted each time
>> it's
>> used which doesn't make sense. I've come across other examples from
>> this
>> book that are very questionable, which leads me to believe that the
>> questions and answers have not been thouroughly vetted. Thank you for
>> the
>> reply.
>>
>> Tom Witwicki, CIPP
>> Director, Information Security
>> Hannaford Bros. Co.
>> 207-885-2073
>>
>> Join me on Linkedin!
>> http://www.linkedin.com/in/tomwitwicki
>>
>>
>>
>>
>>
>>
>>
>> Nimal Gunarathna
>> <ng949 at yahoo.com>
>>
>> To
>> 01/19/2010 04:07 cisspstudy at cccure.org
>> PM
>> cc
>> twitwicki at hannaford.com
>>
>> Subject
>> Re: cisspstudy Digest, Vol 19,
>> Issue 16
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Hi Tom,
>>
>> This question puzzles me..
>> In an asymmetric system how many keys are required for 10 users to fully
>> communicate?
>>
>> Every user has a one private and a one public key. I can send my same
>> public
>> key to all others. For 10 people, 20 keys are needed.. I am not sure how
>> 110 come from?
>> Is this a private com session or just a different comm session with each
>> pair?
>>
>> Thanks,
>>
>> Nimal Gunarathna
>>
>>
>>
>> --- On Tue, 1/19/10, cisspstudy-request at cccure.org
>> <cisspstudy-request at cccure.org> wrote:
>>
>> From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
>> Subject: cisspstudy Digest, Vol 19, Issue 16
>>
>> To: cisspstudy at cccure.org
>> Date: Tuesday, January 19, 2010, 11:00 AM
>>
>> Send cisspstudy mailing list submissions to
>> cisspstudy at cccure.org
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>> or, via email, send a message with subject or body 'help' to
>>
>> cisspstudy-request at cccure.org
>>
>> You can reach the person managing the list at
>> cisspstudy-owner at cccure.org
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of cisspstudy digest..."
>>
>>
>> Today's Topics:
>>
>> 1. cisspstudy - Cryptography questions (twitwicki at hannaford.com)
>>
>> 2. Re: New to CISSP Cert (Mark Price)
>>
>> 3. Re: New to CISSP Cert (jack wang)
>> 4. Re: New to CISSP Cert (Jeronimo Zucco)
>>
>>
>>
>> ----------------------------------------------------------------------
>>
>>
>> Message: 1
>>
>> Date: Mon, 18 Jan 2010 14:48:26 -0500
>> From: twitwicki at hannaford.com
>> To: cisspstudy at cccure.org
>> Subject: [Cisspstudy] cisspstudy - Cryptography questions
>>
>> Message-ID:
>> <
>>
>> OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CCD97 at hannaford.com>
>>
>>
>> Content-Type: text/plain; charset=US-ASCII
>>
>>
>>
>>
>> Hello all,
>>
>> I'd like your thoughts on these questions from Michael Gregg's
>>
>> CISSP
>> Practice questions:
>>
>> In an asymmetric system how many keys are required for 10 users to
>> fully
>>
>> communicate?
>>
>>
>> A. 10
>> B. 20
>> C. 45
>> D 110
>>
>> The answer states D. 110 - "Each user would have his private, phus
>> his
>> public key, plus each of the nine other public keys"
>>
>> Shouldn't the answer be B. 20 because the public keys is only couned
>> once
>>
>> for each private/public pair? This also seems consistent with the
>>
>> formula
>> for symmetric keys: N(N-1)/2 where N is the number of users needing to
>>
>> communicate. In this case the secret key is only counted once even if
>>
>> it's
>>
>> shared between users.
>>
>>
>> Here's another question that has me puzzled:
>>
>>
>> Which cryptographic system can be used for integrity, authenticity and
>>
>> non-repudiation?
>>
>>
>> A. Asymmetric encryption
>>
>> B. Symmetric encryption
>>
>> C. Hashing
>>
>> D. None of the above
>>
>>
>> The answers states A. Asymmetric. Shouldn't the answer be D. None of
>> the
>>
>> above because Hashing is needed for integrity?
>>
>>
>> Your thoughts will be much appreciated.
>>
>>
>> Tom Witwicki, CIPP
>>
>> Director, Information Security
>>
>> Hannaford Bros. Co.
>> 207-885-2073
>>
>>
>> Join me on Linkedin!
>>
>> http://www.linkedin.com/in/tomwitwicki
>>
>>
>>
>>
>>
>>
>>
>>
>> ------------------------------
>>
>>
>> Message: 2
>>
>> Date: Mon, 18 Jan 2010 21:47:45 +0000
>> From: "Mark Price" <prinext at gmail.com>
>>
>> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
>>
>> Subject: Re: [Cisspstudy] New to CISSP Cert
>> Message-ID:
>> <
>>
>> 1180962559-1263851266-cardhu_decombobulator_blackberry.rim.net-147941822
>> -
>>
>> @bda153.bisx.prod.on.blackberry>
>>
>>
>> Content-Type: text/plain
>>
>>
>> I have heard each edition is an update of the previous plus more of
>> the
>> latest technology and or standards.
>> I have the 4th and the DVD set, they plus cccure.org worked for me.
>> V/r,
>>
>>
>> Mark Price
>>
>> PRINEXT
>> c:240-743-7654
>>
>> mprice at prinext.com
>>
>> www.prinext.com
>>
>> -----Original Message-----
>>
>> From: Cert Prep <bugtraq.mailbox at gmail.com>
>> Date: Mon, 18 Jan 2010 13:22:40
>> To: The CISSP Study Mailing list<cisspstudy at cccure.org>
>> Subject: Re: [Cisspstudy] New to CISSP Cert
>>
>> Thanks Jeronimo. I will listen to it.
>>
>> I have Shon Harris Second Edition which I bought many years back. I
>> have heard that 5th edition is about to come. Is it ok to prepare from
>>
>> second edition until 5th edition is out? Does anybody know the
>>
>> differences between 2nd and 4th? I am sure there will be many but are
>> those drastic to the extent that I will have to revise the stuff,
>> which I have already gone through using second edition, from 5th
>>
>> edition once it is published?
>>
>> Any help would be appreciated.
>>
>>
>> Thanks.
>> Adam
>>
>>
>> On Mon, Jan 18, 2010 at 12:51 PM, Jeronimo Zucco <jczucco at gmail.com>
>>
>> wrote:
>>
>> > 2010/1/18 Cert Prep <bugtraq.mailbox at gmail.com>:
>>
>> >> Hi Folks,
>>
>> >>
>>
>> >> I am planning to prepare for CISSP Cert and would like to know
>> which
>> >> book or material is best for the preparations.
>> >
>> >
>> > http://www.cccure.org/flash/intro/player.html
>> >
>> >
>> >
>> > --
>>
>> > Jeronimo Zucco
>>
>> > http://jczucco.blogspot.com
>> >
>> > _______________________________________________
>> > cisspstudy mailing list
>> > cisspstudy at cccure.org
>> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>> >
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>> ------------------------------
>>
>>
>> Message: 3
>>
>> Date: Tue, 19 Jan 2010 20:05:00 +0800
>> From: jack wang <windjie at gmail.com>
>> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>>
>> Subject: Re: [Cisspstudy] New to CISSP Cert
>> Message-ID:
>> <3c43566f1001190405t2bfd204as4a953dd160a5b92b at mail.gmail.com>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>>
>> Shon Harris Second Edition,plus www.cccure.org,they are enough
>>
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>>
>> URL: <
>>
>>
>> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/0
>> d
>>
>> 0b7b8f/attachment-0001.html>
>>
>>
>> ------------------------------
>>
>>
>> Message: 4
>>
>> Date: Tue, 19 Jan 2010 10:34:19 -0200
>> From: Jeronimo Zucco <jczucco at gmail.com>
>>
>> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>>
>> Subject: Re: [Cisspstudy] New to CISSP Cert
>> Message-ID:
>> <2d6b298c1001190434i6f1eb72ct1157b63b80fe9301 at mail.gmail.com>
>> Content-Type: text/plain; charset=ISO-8859-1
>>
>>
>> All-in_one edition 5:
>>
>>
>> http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2
>> ?
>>
>> ie=UTF8&s=books&qid=1263898897&sr=8-2
>>
>> I always recommend the last edition, because of updates and
>> corretions. Or you can read all erratas for your edition.
>>
>> 2010/1/19 jack wang <windjie at gmail.com>:
>>
>> > ?Shon Harris Second Edition,plus www.cccure.org,they are enough
>> >
>>
>>
>> --
>>
>> Jeronimo Zucco
>>
>> http://jczucco.blogspot.com
>>
>>
>>
>> ------------------------------
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>>
>> End of cisspstudy Digest, Vol 19, Issue 16
>>
>> ******************************************
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>>
>>
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL: <
>> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100120/6
>> b681<http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100120/6b681>
>> 638/attachment.html
>> >
>>
>> ------------------------------
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>> End of cisspstudy Digest, Vol 19, Issue 18
>> ******************************************
>>
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>>
>> ------------------------------
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>> End of cisspstudy Digest, Vol 19, Issue 23
>> ******************************************
>>
>
>
> _______________________________________________
> CISSPstudy mailing list
> CISSPstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100210/f28ae78a/attachment-0001.html>
More information about the CISSPstudy
mailing list