[CCCure CISSP] CISSPstudy Digest, Vol 20, Issue 5
Shibin Thomas
shibinthomas at gmail.com
Wed Feb 10 23:08:18 EST 2010
Thanks Clement
REgards
Shibin
On Thu, Feb 11, 2010 at 6:43 AM, <cisspstudy-request at cccure.org> wrote:
> Send CISSPstudy mailing list submissions to
> cisspstudy at cccure.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> or, via email, send a message with subject or body 'help' to
> cisspstudy-request at cccure.org
>
> You can reach the person managing the list at
> cisspstudy-owner at cccure.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of CISSPstudy digest..."
>
>
> Today's Topics:
>
> 1. Re: cisspstudy Digest, Vol 19, Issue 23 (Clement Dupuis)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 10 Feb 2010 21:43:17 -0500
> From: Clement Dupuis <clement.dupuis at cccure.com>
> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> Subject: Re: [CCCure CISSP] cisspstudy Digest, Vol 19, Issue 23
> Message-ID:
> <959788641002101843g1829c526tbf9c39940d903536 at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Good day,
>
> No need to get worried yet.
>
> There hasn't been any major changes to the exam.
>
> Take care
>
> Clement
> ]
>
>
>
> On Wed, Feb 10, 2010 at 13:00, Shibin Thomas <shibinthomas at gmail.com>
> wrote:
>
> > Hi All,
> >
> > Is there any change the topics because of new release of books.
> >
> > Regards
> >
> >
> > Shibin
> >
> > On Thu, Jan 21, 2010 at 9:00 PM, <cisspstudy-request at cccure.org> wrote:
> >
> >> Send cisspstudy mailing list submissions to
> >> cisspstudy at cccure.org
> >>
> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> or, via email, send a message with subject or body 'help' to
> >> cisspstudy-request at cccure.org
> >>
> >> You can reach the person managing the list at
> >> cisspstudy-owner at cccure.org
> >>
> >> When replying, please edit your Subject line so it is more specific
> >> than "Re: Contents of cisspstudy digest..."
> >>
> >>
> >> Today's Topics:
> >>
> >> 1. Re: cisspstudy Digest, Vol 19, Issue 18 (Holland, Brandon)
> >>
> >>
> >> ----------------------------------------------------------------------
> >>
> >> Message: 1
> >> Date: Wed, 20 Jan 2010 14:06:11 -0600
> >> From: "Holland, Brandon" <hollandb at frmaint.com>
> >> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
> >> Message-ID:
> >> <58B3233454132D468C5F0D655003DA6410F891EA at MAIL.frmaint.com>
> >> Content-Type: text/plain; charset="us-ascii"
> >>
> >> That's what stinks about a lot of these questions... because you can
> >> understand everything there is to know about the keys and types of keys
> >> and still can miss it because you didn't know how the question author
> >> wanted you to interpret the question... but this is great is at least
> >> whether or not u get this question wrong, it will help to concrete the
> >> underlying concepts in your head (the actual important thing, much
> >> better than getting a question right on a test)
> >>
> >> Saying all this, I think this is a little over-blown... over
> >> analyzed... I think the author put "fully" not for you to ensure you
> >> count the same key each time it's used, but to make sure you really know
> >> asymmetric and don't use the symmetric key formula on it instead... you
> >> only need 20 keys in total to fully communicate to every person, no
> >> matter how many times those keys are used. Also, it says how many keys
> >> are 'required' not how many times they are 'used'
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: cisspstudy-bounces at cccure.org
> >> [mailto:cisspstudy-bounces at cccure.org] On Behalf Of gerritsjs
> >> Sent: Wednesday, January 20, 2010 12:07 PM
> >> To: 'The CISSP Study Mailing list'
> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
> >>
> >> Tom;
> >>
> >> Let us put it in perspective. Let us assume that you have made two
> >> keys
> >> to your house (i.e one public key and one private key).... that is two.
> >> You
> >> plan to take a vacation for nine/ten days. You have asked 9 friends of
> >> yours
> >> to watch the house, while you are away. You have given your public key
> >> to a
> >> trusted entity (i.e., your aunt/uncle) and told her that you have
> >> identified
> >> 9 friends to watch your house while you are away and that she is to
> >> provide
> >> your friends with the public key to your house.
> >>
> >> To use the asymmetric logic, the trusted entity must not duplicate the
> >> key
> >> and that the "trusted" person who is responsible for watching the house
> >> returns the key to the trusted entity upon completion of his/her watch,
> >> so
> >> that the next "trusted" person can obtain the key and watch the house
> >> for
> >> you. Using this logic, I agree that the number of keys is still 2.
> >>
> >> When reading the question, it appears that each of your 9 friends has
> >> the
> >> key to your house (even though they are duplicates), while you are away.
> >> And that, let us say, your condo is in New York and that your friends
> >> are
> >> scattered throughout the United States, and you entrusted them with your
> >> condo of $2 Million in New York. That is, your friends are in Chicago,
> >> Washington D.C., Ann Arbor, Dallas, Miami, etc. The trusted entity is
> >> in
> >> Los Angeles. Question: Is the asymmetric logic still applicable?
> >>
> >> jonus
> >>
> >>
> >> -----Original Message-----
> >> From: cisspstudy-bounces at cccure.org
> >> [mailto:cisspstudy-bounces at cccure.org]
> >> On Behalf Of twitwicki at hannaford.com
> >> Sent: Wednesday, January 20, 2010 6:20 AM
> >> To: cisspstudy at cccure.org
> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
> >>
> >>
> >>
> >> Janus,
> >>
> >> Thank you for adding your explanation of the question. I can see the
> >> logic
> >> and your formula makes it easy to understand, but should the public keys
> >> be
> >> counted as separate for each participant? Aren't they really just the
> >> same
> >> public key used by the 10 participants? The fact that Asymmetric
> >> encryption is described as more scalable than symmetric also points to
> >> this. If the were a symmetric case, the keys needed would be 45 .
> >> There
> >> is a also an example in the ISC2 guide which supports the approach which
> >> leads to the answer of 20.
> >>
> >> Tom Witwicki, CIPP
> >> Director, Information Security
> >> Hannaford Bros. Co.
> >> 207-885-2073
> >>
> >> Join me on Linkedin!
> >> http://www.linkedin.com/in/tomwitwicki
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> cisspstudy-reques
> >>
> >> t at cccure.org
> >>
> >> Sent by:
> >> To
> >> cisspstudy-bounce cisspstudy at cccure.org
> >>
> >> s at cccure.org
> >> cc
> >>
> >>
> >>
> >> Subject
> >> 01/19/2010 05:53 cisspstudy Digest, Vol 19, Issue
> >> 18
> >> PM
> >>
> >>
> >>
> >>
> >>
> >> Please respond to
> >>
> >> cisspstudy at cccure
> >>
> >> .org
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> Send cisspstudy mailing list submissions to
> >> cisspstudy at cccure.org
> >>
> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> or, via email, send a message with subject or body 'help' to
> >> cisspstudy-request at cccure.org
> >>
> >> You can reach the person managing the list at
> >> cisspstudy-owner at cccure.org
> >>
> >> When replying, please edit your Subject line so it is more specific
> >> than "Re: Contents of cisspstudy digest..."
> >>
> >>
> >> Today's Topics:
> >>
> >> 1. Re: cisspstudy Digest, Vol 19, Issue 16 (gerritsjs)
> >> 2. Re: cisspstudy Digest, Vol 19, Issue 16 (Saurabh Bhargava)
> >>
> >>
> >> ----------------------------------------------------------------------
> >>
> >> Message: 1
> >> Date: Tue, 19 Jan 2010 14:02:56 -0800
> >> From: "gerritsjs" <gerritsjs at gmail.com>
> >> To: "'The CISSP Study Mailing list'" <cisspstudy at cccure.org>,
> >> "'Nimal
> >> Gunarathna'" <ng949 at yahoo.com>
> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >> Message-ID: <4b562c14.0c07560a.29a4.ffffa51a at mx.google.com>
> >> Content-Type: text/plain; charset="us-ascii"
> >>
> >> Nimal, Tom;
> >>
> >> The question is "fully" communicated. Within a community of 10 users,
> >> each user will have one private key. So we have 10 private keys.
> >> Public
> >> keys are as follows:
> >> For each user, there are 10 public keys. 10 users imply 100 public
> >> keys.
> >> This makes a total of 110 keys.
> >>
> >> Think of a Mesh Technology.
> >>
> >> Jonus
> >>
> >> -----Original Message-----
> >> From: cisspstudy-bounces at cccure.org
> >> [mailto:cisspstudy-bounces at cccure.org]
> >> On Behalf Of twitwicki at hannaford.com
> >> Sent: Tuesday, January 19, 2010 1:23 PM
> >> To: Nimal Gunarathna
> >> Cc: cisspstudy at cccure.org
> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >>
> >>
> >>
> >> Hi Nimal,
> >> I followed the same logic as you on this question. In order to
> >> get
> >> to the 110 answer each public key would have to be counted each time
> >> it's
> >> used which doesn't make sense. I've come across other examples from
> >> this
> >> book that are very questionable, which leads me to believe that the
> >> questions and answers have not been thouroughly vetted. Thank you for
> >> the
> >> reply.
> >>
> >> Tom Witwicki, CIPP
> >> Director, Information Security
> >> Hannaford Bros. Co.
> >> 207-885-2073
> >>
> >> Join me on Linkedin!
> >> http://www.linkedin.com/in/tomwitwicki
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> Nimal Gunarathna
> >> <ng949 at yahoo.com>
> >>
> >> To
> >> 01/19/2010 04:07 cisspstudy at cccure.org
> >> PM
> >> cc
> >> twitwicki at hannaford.com
> >>
> >> Subject
> >> Re: cisspstudy Digest, Vol 19,
> >> Issue 16
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> Hi Tom,
> >>
> >>
> >> This question puzzles me..
> >>
> >> In an asymmetric system how many keys are required for 10 users to
> >> fully
> >>
> >> communicate?
> >>
> >>
> >> Every user has a one private and a one public key. I can send my same
> >>
> >> public
> >>
> >> key to all others. For 10 people, 20 keys are needed.. I am not sure
> >> how
> >>
> >> 110 come from?
> >>
> >> Is this a private com session or just a different comm session with
> >> each
> >>
> >> pair?
> >>
> >>
> >> Thanks,
> >>
> >>
> >> Nimal Gunarathna
> >>
> >>
> >>
> >>
> >> --- On Tue, 1/19/10, cisspstudy-request at cccure.org
> >>
> >> <cisspstudy-request at cccure.org> wrote:
> >>
> >>
> >> From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
> >>
> >> Subject: cisspstudy Digest, Vol 19, Issue 16
> >>
> >> To: cisspstudy at cccure.org
> >>
> >> Date: Tuesday, January 19, 2010, 11:00 AM
> >>
> >>
> >> Send cisspstudy mailing list submissions to
> >>
> >> cisspstudy at cccure.org
> >>
> >>
> >> To subscribe or unsubscribe via the World Wide Web, visit
> >>
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >> or, via email, send a message with subject or body 'help' to
> >>
> >> cisspstudy-request at cccure.org
> >>
> >>
> >> You can reach the person managing the list at
> >>
> >> cisspstudy-owner at cccure.org
> >>
> >>
> >> When replying, please edit your Subject line so it is more specific
> >>
> >> than "Re: Contents of cisspstudy digest..."
> >>
> >>
> >>
> >> Today's Topics:
> >>
> >>
> >> 1. cisspstudy - Cryptography questions (twitwicki at hannaford.com)
> >>
> >> 2. Re: New to CISSP Cert (Mark Price)
> >>
> >> 3. Re: New to CISSP Cert (jack wang)
> >>
> >> 4. Re: New to CISSP Cert (Jeronimo Zucco)
> >>
> >>
> >>
> >> ----------------------------------------------------------------------
> >>
> >>
> >> Message: 1
> >>
> >> Date: Mon, 18 Jan 2010 14:48:26 -0500
> >>
> >> From: twitwicki at hannaford.com
> >>
> >> To: cisspstudy at cccure.org
> >>
> >> Subject: [Cisspstudy] cisspstudy - Cryptography questions
> >>
> >> Message-ID:
> >>
> >> <
> >>
> >>
> >> OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CCD97 at hannaford.com
> >
> >>
> >>
> >> Content-Type: text/plain; charset=US-ASCII
> >>
> >>
> >>
> >>
> >> Hello all,
> >>
> >> I'd like your thoughts on these questions from Michael Gregg's
> >>
> >> CISSP
> >>
> >> Practice questions:
> >>
> >>
> >> In an asymmetric system how many keys are required for 10 users to
> >> fully
> >>
> >> communicate?
> >>
> >>
> >> A. 10
> >>
> >> B. 20
> >>
> >> C. 45
> >>
> >> D 110
> >>
> >>
> >> The answer states D. 110 - "Each user would have his private, phus
> >> his
> >>
> >> public key, plus each of the nine other public keys"
> >>
> >> Shouldn't the answer be B. 20 because the public keys is only couned
> >>
> >> once
> >>
> >> for each private/public pair? This also seems consistent with the
> >>
> >> formula
> >>
> >> for symmetric keys: N(N-1)/2 where N is the number of users needing to
> >>
> >> communicate. In this case the secret key is only counted once even if
> >>
> >> it's
> >>
> >> shared between users.
> >>
> >>
> >>
> >> Here's another question that has me puzzled:
> >>
> >>
> >> Which cryptographic system can be used for integrity, authenticity and
> >>
> >> non-repudiation?
> >>
> >>
> >> A. Asymmetric encryption
> >>
> >> B. Symmetric encryption
> >>
> >> C. Hashing
> >>
> >> D. None of the above
> >>
> >>
> >> The answers states A. Asymmetric. Shouldn't the answer be D. None of
> >> the
> >>
> >> above because Hashing is needed for integrity?
> >>
> >>
> >> Your thoughts will be much appreciated.
> >>
> >>
> >>
> >> Tom Witwicki, CIPP
> >>
> >> Director, Information Security
> >>
> >> Hannaford Bros. Co.
> >>
> >> 207-885-2073
> >>
> >>
> >> Join me on Linkedin!
> >>
> >> http://www.linkedin.com/in/tomwitwicki
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> ------------------------------
> >>
> >>
> >> Message: 2
> >>
> >> Date: Mon, 18 Jan 2010 21:47:45 +0000
> >>
> >> From: "Mark Price" <prinext at gmail.com>
> >>
> >> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
> >>
> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >>
> >> Message-ID:
> >>
> >> <
> >>
> >>
> >> 1180962559-1263851266-cardhu_decombobulator_blackberry.rim.net-147941822
> >> -
> >>
> >> @bda153.bisx.prod.on.blackberry>
> >>
> >>
> >> Content-Type: text/plain
> >>
> >>
> >> I have heard each edition is an update of the previous plus more of
> >> the
> >>
> >> latest technology and or standards.
> >>
> >> I have the 4th and the DVD set, they plus cccure.org worked for me.
> >>
> >> V/r,
> >>
> >>
> >> Mark Price
> >>
> >> PRINEXT
> >>
> >> c:240-743-7654
> >>
> >> mprice at prinext.com
> >>
> >> www.prinext.com
> >>
> >>
> >> -----Original Message-----
> >>
> >> From: Cert Prep <bugtraq.mailbox at gmail.com>
> >>
> >> Date: Mon, 18 Jan 2010 13:22:40
> >>
> >> To: The CISSP Study Mailing list<cisspstudy at cccure.org>
> >>
> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >>
> >>
> >> Thanks Jeronimo. I will listen to it.
> >>
> >>
> >> I have Shon Harris Second Edition which I bought many years back. I
> >>
> >> have heard that 5th edition is about to come. Is it ok to prepare from
> >>
> >> second edition until 5th edition is out? Does anybody know the
> >>
> >> differences between 2nd and 4th? I am sure there will be many but are
> >>
> >> those drastic to the extent that I will have to revise the stuff,
> >>
> >> which I have already gone through using second edition, from 5th
> >>
> >> edition once it is published?
> >>
> >>
> >> Any help would be appreciated.
> >>
> >>
> >> Thanks.
> >>
> >> Adam
> >>
> >>
> >> On Mon, Jan 18, 2010 at 12:51 PM, Jeronimo Zucco <jczucco at gmail.com>
> >>
> >> wrote:
> >>
> >> > 2010/1/18 Cert Prep <bugtraq.mailbox at gmail.com>:
> >>
> >> >> Hi Folks,
> >>
> >> >>
> >>
> >> >> I am planning to prepare for CISSP Cert and would like to know
> >> which
> >>
> >> >> book or material is best for the preparations.
> >>
> >> >
> >>
> >> >
> >>
> >> > http://www.cccure.org/flash/intro/player.html
> >>
> >> >
> >>
> >> >
> >>
> >> >
> >>
> >> > --
> >>
> >> > Jeronimo Zucco
> >>
> >> > http://jczucco.blogspot.com
> >>
> >> >
> >>
> >> > _______________________________________________
> >>
> >> > cisspstudy mailing list
> >>
> >> > cisspstudy at cccure.org
> >>
> >> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >> >
> >>
> >>
> >> _______________________________________________
> >>
> >> cisspstudy mailing list
> >>
> >> cisspstudy at cccure.org
> >>
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >> ------------------------------
> >>
> >>
> >> Message: 3
> >>
> >> Date: Tue, 19 Jan 2010 20:05:00 +0800
> >>
> >> From: jack wang <windjie at gmail.com>
> >>
> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >>
> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >>
> >> Message-ID:
> >>
> >> <3c43566f1001190405t2bfd204as4a953dd160a5b92b at mail.gmail.com>
> >>
> >> Content-Type: text/plain; charset="iso-8859-1"
> >>
> >>
> >> Shon Harris Second Edition,plus www.cccure.org,they are enough
> >>
> >> -------------- next part --------------
> >>
> >> An HTML attachment was scrubbed...
> >>
> >> URL: <
> >>
> >>
> >>
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/0
> >> d
> >>
> >> 0b7b8f/attachment-0001.html>
> >>
> >>
> >> ------------------------------
> >>
> >>
> >> Message: 4
> >>
> >> Date: Tue, 19 Jan 2010 10:34:19 -0200
> >>
> >> From: Jeronimo Zucco <jczucco at gmail.com>
> >>
> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >>
> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >>
> >> Message-ID:
> >>
> >> <2d6b298c1001190434i6f1eb72ct1157b63b80fe9301 at mail.gmail.com>
> >>
> >> Content-Type: text/plain; charset=ISO-8859-1
> >>
> >>
> >> All-in_one edition 5:
> >>
> >>
> >>
> >>
> http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2
> >> ?
> >>
> >> ie=UTF8&s=books&qid=1263898897&sr=8-2
> >>
> >>
> >> I always recommend the last edition, because of updates and
> >>
> >> corretions. Or you can read all erratas for your edition.
> >>
> >>
> >> 2010/1/19 jack wang <windjie at gmail.com>:
> >>
> >> > ?Shon Harris Second Edition,plus www.cccure.org,they are enough
> >>
> >> >
> >>
> >>
> >>
> >> --
> >>
> >> Jeronimo Zucco
> >>
> >> http://jczucco.blogspot.com
> >>
> >>
> >>
> >>
> >> ------------------------------
> >>
> >>
> >> _______________________________________________
> >>
> >> cisspstudy mailing list
> >>
> >> cisspstudy at cccure.org
> >>
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >>
> >> End of cisspstudy Digest, Vol 19, Issue 16
> >>
> >> ******************************************
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >>
> >>
> >> ------------------------------
> >>
> >> Message: 2
> >> Date: Wed, 20 Jan 2010 04:23:33 +0530 (IST)
> >> From: Saurabh Bhargava <catchbhargava at yahoo.com>
> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >> Message-ID: <804072.93709.qm at web94803.mail.in2.yahoo.com>
> >> Content-Type: text/plain; charset="utf-8"
> >>
> >> Jonus, here is the catch.
> >>
> >> you say " For each user, there are 10 public keys. 10 users imply 100
> >> public keys" - but ALL these public keys are the same for all 10 users,
> >> they aren't different so 10 users still will imply 10 Public keys , even
> >> though author says "fully" communicate/Mesh technology.
> >>
> >> Tom, I would select the answers you've chosen for both the questions.
> >>
> >> Cheers, SB
> >>
> >>
> >>
> >> ________________________________
> >> From: gerritsjs <gerritsjs at gmail.com>
> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>; Nimal
> >> Gunarathna
> >> <ng949 at yahoo.com>
> >> Sent: Tue, 19 January, 2010 22:02:56
> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >>
> >> Nimal, Tom;
> >>
> >> The question is "fully" communicated. Within a community of 10 users,
> >> each user will have one private key. So we have 10 private keys.
> >> Public
> >> keys are as follows:
> >> For each user, there are 10 public keys. 10 users imply 100 public
> >> keys.
> >> This makes a total of 110 keys.
> >>
> >> Think of a Mesh Technology.
> >>
> >> Jonus
> >>
> >> -----Original Message-----
> >> From: cisspstudy-bounces at cccure.org
> >> [mailto:cisspstudy-bounces at cccure.org]
> >> On Behalf Of twitwicki at hannaford.com
> >> Sent: Tuesday, January 19, 2010 1:23 PM
> >> To: Nimal Gunarathna
> >> Cc: cisspstudy at cccure.org
> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >>
> >>
> >>
> >> Hi Nimal,
> >> I followed the same logic as you on this question. In order to
> >> get
> >> to the 110 answer each public key would have to be counted each time
> >> it's
> >> used which doesn't make sense. I've come across other examples from
> >> this
> >> book that are very questionable, which leads me to believe that the
> >> questions and answers have not been thouroughly vetted. Thank you for
> >> the
> >> reply.
> >>
> >> Tom Witwicki, CIPP
> >> Director, Information Security
> >> Hannaford Bros. Co.
> >> 207-885-2073
> >>
> >> Join me on Linkedin!
> >> http://www.linkedin.com/in/tomwitwicki
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> Nimal Gunarathna
> >> <ng949 at yahoo.com>
> >>
> >> To
> >> 01/19/2010 04:07 cisspstudy at cccure.org
> >> PM
> >> cc
> >> twitwicki at hannaford.com
> >>
> >> Subject
> >> Re: cisspstudy Digest, Vol 19,
> >> Issue 16
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> Hi Tom,
> >>
> >> This question puzzles me..
> >> In an asymmetric system how many keys are required for 10 users to fully
> >> communicate?
> >>
> >> Every user has a one private and a one public key. I can send my same
> >> public
> >> key to all others. For 10 people, 20 keys are needed.. I am not sure how
> >> 110 come from?
> >> Is this a private com session or just a different comm session with each
> >> pair?
> >>
> >> Thanks,
> >>
> >> Nimal Gunarathna
> >>
> >>
> >>
> >> --- On Tue, 1/19/10, cisspstudy-request at cccure.org
> >> <cisspstudy-request at cccure.org> wrote:
> >>
> >> From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
> >> Subject: cisspstudy Digest, Vol 19, Issue 16
> >>
> >> To: cisspstudy at cccure.org
> >> Date: Tuesday, January 19, 2010, 11:00 AM
> >>
> >> Send cisspstudy mailing list submissions to
> >> cisspstudy at cccure.org
> >>
> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >> or, via email, send a message with subject or body 'help' to
> >>
> >> cisspstudy-request at cccure.org
> >>
> >> You can reach the person managing the list at
> >> cisspstudy-owner at cccure.org
> >>
> >> When replying, please edit your Subject line so it is more specific
> >> than "Re: Contents of cisspstudy digest..."
> >>
> >>
> >> Today's Topics:
> >>
> >> 1. cisspstudy - Cryptography questions (twitwicki at hannaford.com)
> >>
> >> 2. Re: New to CISSP Cert (Mark Price)
> >>
> >> 3. Re: New to CISSP Cert (jack wang)
> >> 4. Re: New to CISSP Cert (Jeronimo Zucco)
> >>
> >>
> >>
> >> ----------------------------------------------------------------------
> >>
> >>
> >> Message: 1
> >>
> >> Date: Mon, 18 Jan 2010 14:48:26 -0500
> >> From: twitwicki at hannaford.com
> >> To: cisspstudy at cccure.org
> >> Subject: [Cisspstudy] cisspstudy - Cryptography questions
> >>
> >> Message-ID:
> >> <
> >>
> >> OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CCD97 at hannaford.com
> >
> >>
> >>
> >> Content-Type: text/plain; charset=US-ASCII
> >>
> >>
> >>
> >>
> >> Hello all,
> >>
> >> I'd like your thoughts on these questions from Michael Gregg's
> >>
> >> CISSP
> >> Practice questions:
> >>
> >> In an asymmetric system how many keys are required for 10 users to
> >> fully
> >>
> >> communicate?
> >>
> >>
> >> A. 10
> >> B. 20
> >> C. 45
> >> D 110
> >>
> >> The answer states D. 110 - "Each user would have his private, phus
> >> his
> >> public key, plus each of the nine other public keys"
> >>
> >> Shouldn't the answer be B. 20 because the public keys is only couned
> >> once
> >>
> >> for each private/public pair? This also seems consistent with the
> >>
> >> formula
> >> for symmetric keys: N(N-1)/2 where N is the number of users needing to
> >>
> >> communicate. In this case the secret key is only counted once even if
> >>
> >> it's
> >>
> >> shared between users.
> >>
> >>
> >> Here's another question that has me puzzled:
> >>
> >>
> >> Which cryptographic system can be used for integrity, authenticity and
> >>
> >> non-repudiation?
> >>
> >>
> >> A. Asymmetric encryption
> >>
> >> B. Symmetric encryption
> >>
> >> C. Hashing
> >>
> >> D. None of the above
> >>
> >>
> >> The answers states A. Asymmetric. Shouldn't the answer be D. None of
> >> the
> >>
> >> above because Hashing is needed for integrity?
> >>
> >>
> >> Your thoughts will be much appreciated.
> >>
> >>
> >> Tom Witwicki, CIPP
> >>
> >> Director, Information Security
> >>
> >> Hannaford Bros. Co.
> >> 207-885-2073
> >>
> >>
> >> Join me on Linkedin!
> >>
> >> http://www.linkedin.com/in/tomwitwicki
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> ------------------------------
> >>
> >>
> >> Message: 2
> >>
> >> Date: Mon, 18 Jan 2010 21:47:45 +0000
> >> From: "Mark Price" <prinext at gmail.com>
> >>
> >> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
> >>
> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> Message-ID:
> >> <
> >>
> >> 1180962559-1263851266-cardhu_decombobulator_blackberry.rim.net-147941822
> >> -
> >>
> >> @bda153.bisx.prod.on.blackberry>
> >>
> >>
> >> Content-Type: text/plain
> >>
> >>
> >> I have heard each edition is an update of the previous plus more of
> >> the
> >> latest technology and or standards.
> >> I have the 4th and the DVD set, they plus cccure.org worked for me.
> >> V/r,
> >>
> >>
> >> Mark Price
> >>
> >> PRINEXT
> >> c:240-743-7654
> >>
> >> mprice at prinext.com
> >>
> >> www.prinext.com
> >>
> >> -----Original Message-----
> >>
> >> From: Cert Prep <bugtraq.mailbox at gmail.com>
> >> Date: Mon, 18 Jan 2010 13:22:40
> >> To: The CISSP Study Mailing list<cisspstudy at cccure.org>
> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >>
> >> Thanks Jeronimo. I will listen to it.
> >>
> >> I have Shon Harris Second Edition which I bought many years back. I
> >> have heard that 5th edition is about to come. Is it ok to prepare from
> >>
> >> second edition until 5th edition is out? Does anybody know the
> >>
> >> differences between 2nd and 4th? I am sure there will be many but are
> >> those drastic to the extent that I will have to revise the stuff,
> >> which I have already gone through using second edition, from 5th
> >>
> >> edition once it is published?
> >>
> >> Any help would be appreciated.
> >>
> >>
> >> Thanks.
> >> Adam
> >>
> >>
> >> On Mon, Jan 18, 2010 at 12:51 PM, Jeronimo Zucco <jczucco at gmail.com>
> >>
> >> wrote:
> >>
> >> > 2010/1/18 Cert Prep <bugtraq.mailbox at gmail.com>:
> >>
> >> >> Hi Folks,
> >>
> >> >>
> >>
> >> >> I am planning to prepare for CISSP Cert and would like to know
> >> which
> >> >> book or material is best for the preparations.
> >> >
> >> >
> >> > http://www.cccure.org/flash/intro/player.html
> >> >
> >> >
> >> >
> >> > --
> >>
> >> > Jeronimo Zucco
> >>
> >> > http://jczucco.blogspot.com
> >> >
> >> > _______________________________________________
> >> > cisspstudy mailing list
> >> > cisspstudy at cccure.org
> >> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >> >
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >> ------------------------------
> >>
> >>
> >> Message: 3
> >>
> >> Date: Tue, 19 Jan 2010 20:05:00 +0800
> >> From: jack wang <windjie at gmail.com>
> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >>
> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> Message-ID:
> >> <3c43566f1001190405t2bfd204as4a953dd160a5b92b at mail.gmail.com>
> >> Content-Type: text/plain; charset="iso-8859-1"
> >>
> >>
> >> Shon Harris Second Edition,plus www.cccure.org,they are enough
> >>
> >> -------------- next part --------------
> >> An HTML attachment was scrubbed...
> >>
> >> URL: <
> >>
> >>
> >>
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/0
> >> d
> >>
> >> 0b7b8f/attachment-0001.html>
> >>
> >>
> >> ------------------------------
> >>
> >>
> >> Message: 4
> >>
> >> Date: Tue, 19 Jan 2010 10:34:19 -0200
> >> From: Jeronimo Zucco <jczucco at gmail.com>
> >>
> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >>
> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> Message-ID:
> >> <2d6b298c1001190434i6f1eb72ct1157b63b80fe9301 at mail.gmail.com>
> >> Content-Type: text/plain; charset=ISO-8859-1
> >>
> >>
> >> All-in_one edition 5:
> >>
> >>
> >>
> http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2
> >> ?
> >>
> >> ie=UTF8&s=books&qid=1263898897&sr=8-2
> >>
> >> I always recommend the last edition, because of updates and
> >> corretions. Or you can read all erratas for your edition.
> >>
> >> 2010/1/19 jack wang <windjie at gmail.com>:
> >>
> >> > ?Shon Harris Second Edition,plus www.cccure.org,they are enough
> >> >
> >>
> >>
> >> --
> >>
> >> Jeronimo Zucco
> >>
> >> http://jczucco.blogspot.com
> >>
> >>
> >>
> >> ------------------------------
> >>
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >>
> >> End of cisspstudy Digest, Vol 19, Issue 16
> >>
> >> ******************************************
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >>
> >>
> >> -------------- next part --------------
> >> An HTML attachment was scrubbed...
> >> URL: <
> >>
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100120/6
> >> b681<
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100120/6b681
> >
> >> 638/attachment.html
> >> >
> >>
> >> ------------------------------
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >> End of cisspstudy Digest, Vol 19, Issue 18
> >> ******************************************
> >>
> >>
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >>
> >> ------------------------------
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >> End of cisspstudy Digest, Vol 19, Issue 23
> >> ******************************************
> >>
> >
> >
> > _______________________________________________
> > CISSPstudy mailing list
> > CISSPstudy at cccure.org
> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100210/f28ae78a/attachment.html
> >
>
> ------------------------------
>
> _______________________________________________
> CISSPstudy mailing list
> CISSPstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
> End of CISSPstudy Digest, Vol 20, Issue 5
> *****************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100211/17dd2d10/attachment-0001.html>
More information about the CISSPstudy
mailing list