[CCCure CISSP] CISSPstudy Digest, Vol 20, Issue 5
Clement Dupuis
clement.dupuis at cccure.com
Thu Feb 11 06:11:42 EST 2010
EXACTLY!
In this case it is the author interpretation and it is a mistake.
You do not have different keys. You only one two keys in Asymmetric.
Everyone use your single public key to communicate securely with you.
Forget about this question and use what every other book says.
Take care
Clement
Clément Dupuis, CD
CISSP, GCFW, GCIA, QEH, QSA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS,
MBIS, MBHS, ACE
----------------------------------------------------------------------------------------------
In real life:
Senior Security Specialist and Instructor
Security University
>> Call me to get the best CISSP training <<
----------------------------------------------------------------------------------------------
In Cyberspace:
President/Security Evangelist/Chief Learning Officer (CLO)
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Business: 407 479 3903
Fax: 407 264 8396
Maintainer of :
The CISSP and SSCP Open Study Guides Web Site
http://www.cccure.org
The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org
Knowledge sharing and giving back to the community
On Thu, Feb 11, 2010 at 01:32, Ali Jawad <alijawad1 at gmail.com> wrote:
> If we just supposedly assumed that 110 was the correct answer for the
> asymmetric key question then it would blow the whole concept of
> asymmetric keys being more scalable than symmetric keys, since only 45
> symmetric keys would be needed for this question. And it is not a
> possibility to have more asymmetric keys than symmetric keys.
>
> On Thu, Feb 11, 2010 at 7:08 AM, Shibin Thomas <shibinthomas at gmail.com>
> wrote:
> > Thanks Clement
> >
> > REgards
> >
> > Shibin
> >
> > On Thu, Feb 11, 2010 at 6:43 AM, <cisspstudy-request at cccure.org> wrote:
> >>
> >> Send CISSPstudy mailing list submissions to
> >> cisspstudy at cccure.org
> >>
> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> or, via email, send a message with subject or body 'help' to
> >> cisspstudy-request at cccure.org
> >>
> >> You can reach the person managing the list at
> >> cisspstudy-owner at cccure.org
> >>
> >> When replying, please edit your Subject line so it is more specific
> >> than "Re: Contents of CISSPstudy digest..."
> >>
> >>
> >> Today's Topics:
> >>
> >> 1. Re: cisspstudy Digest, Vol 19, Issue 23 (Clement Dupuis)
> >>
> >>
> >> ----------------------------------------------------------------------
> >>
> >> Message: 1
> >> Date: Wed, 10 Feb 2010 21:43:17 -0500
> >> From: Clement Dupuis <clement.dupuis at cccure.com>
> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >> Subject: Re: [CCCure CISSP] cisspstudy Digest, Vol 19, Issue 23
> >> Message-ID:
> >> <959788641002101843g1829c526tbf9c39940d903536 at mail.gmail.com>
> >> Content-Type: text/plain; charset="iso-8859-1"
> >>
> >> Good day,
> >>
> >> No need to get worried yet.
> >>
> >> There hasn't been any major changes to the exam.
> >>
> >> Take care
> >>
> >> Clement
> >> ]
> >>
> >>
> >>
> >> On Wed, Feb 10, 2010 at 13:00, Shibin Thomas <shibinthomas at gmail.com>
> >> wrote:
> >>
> >> > Hi All,
> >> >
> >> > Is there any change the topics because of new release of books.
> >> >
> >> > Regards
> >> >
> >> >
> >> > Shibin
> >> >
> >> > On Thu, Jan 21, 2010 at 9:00 PM, <cisspstudy-request at cccure.org>
> wrote:
> >> >
> >> >> Send cisspstudy mailing list submissions to
> >> >> cisspstudy at cccure.org
> >> >>
> >> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >> or, via email, send a message with subject or body 'help' to
> >> >> cisspstudy-request at cccure.org
> >> >>
> >> >> You can reach the person managing the list at
> >> >> cisspstudy-owner at cccure.org
> >> >>
> >> >> When replying, please edit your Subject line so it is more specific
> >> >> than "Re: Contents of cisspstudy digest..."
> >> >>
> >> >>
> >> >> Today's Topics:
> >> >>
> >> >> 1. Re: cisspstudy Digest, Vol 19, Issue 18 (Holland, Brandon)
> >> >>
> >> >>
> >> >>
> ----------------------------------------------------------------------
> >> >>
> >> >> Message: 1
> >> >> Date: Wed, 20 Jan 2010 14:06:11 -0600
> >> >> From: "Holland, Brandon" <hollandb at frmaint.com>
> >> >> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
> >> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
> >> >> Message-ID:
> >> >> <58B3233454132D468C5F0D655003DA6410F891EA at MAIL.frmaint.com>
> >> >> Content-Type: text/plain; charset="us-ascii"
> >> >>
> >> >> That's what stinks about a lot of these questions... because you can
> >> >> understand everything there is to know about the keys and types of
> keys
> >> >> and still can miss it because you didn't know how the question author
> >> >> wanted you to interpret the question... but this is great is at least
> >> >> whether or not u get this question wrong, it will help to concrete
> the
> >> >> underlying concepts in your head (the actual important thing, much
> >> >> better than getting a question right on a test)
> >> >>
> >> >> Saying all this, I think this is a little over-blown... over
> >> >> analyzed... I think the author put "fully" not for you to ensure you
> >> >> count the same key each time it's used, but to make sure you really
> >> >> know
> >> >> asymmetric and don't use the symmetric key formula on it instead...
> >> >> you
> >> >> only need 20 keys in total to fully communicate to every person, no
> >> >> matter how many times those keys are used. Also, it says how many
> keys
> >> >> are 'required' not how many times they are 'used'
> >> >>
> >> >>
> >> >>
> >> >> -----Original Message-----
> >> >> From: cisspstudy-bounces at cccure.org
> >> >> [mailto:cisspstudy-bounces at cccure.org] On Behalf Of gerritsjs
> >> >> Sent: Wednesday, January 20, 2010 12:07 PM
> >> >> To: 'The CISSP Study Mailing list'
> >> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
> >> >>
> >> >> Tom;
> >> >>
> >> >> Let us put it in perspective. Let us assume that you have made two
> >> >> keys
> >> >> to your house (i.e one public key and one private key).... that is
> two.
> >> >> You
> >> >> plan to take a vacation for nine/ten days. You have asked 9 friends
> of
> >> >> yours
> >> >> to watch the house, while you are away. You have given your public
> key
> >> >> to a
> >> >> trusted entity (i.e., your aunt/uncle) and told her that you have
> >> >> identified
> >> >> 9 friends to watch your house while you are away and that she is to
> >> >> provide
> >> >> your friends with the public key to your house.
> >> >>
> >> >> To use the asymmetric logic, the trusted entity must not duplicate
> the
> >> >> key
> >> >> and that the "trusted" person who is responsible for watching the
> house
> >> >> returns the key to the trusted entity upon completion of his/her
> watch,
> >> >> so
> >> >> that the next "trusted" person can obtain the key and watch the house
> >> >> for
> >> >> you. Using this logic, I agree that the number of keys is still 2.
> >> >>
> >> >> When reading the question, it appears that each of your 9 friends has
> >> >> the
> >> >> key to your house (even though they are duplicates), while you are
> >> >> away.
> >> >> And that, let us say, your condo is in New York and that your friends
> >> >> are
> >> >> scattered throughout the United States, and you entrusted them with
> >> >> your
> >> >> condo of $2 Million in New York. That is, your friends are in
> Chicago,
> >> >> Washington D.C., Ann Arbor, Dallas, Miami, etc. The trusted entity
> is
> >> >> in
> >> >> Los Angeles. Question: Is the asymmetric logic still applicable?
> >> >>
> >> >> jonus
> >> >>
> >> >>
> >> >> -----Original Message-----
> >> >> From: cisspstudy-bounces at cccure.org
> >> >> [mailto:cisspstudy-bounces at cccure.org]
> >> >> On Behalf Of twitwicki at hannaford.com
> >> >> Sent: Wednesday, January 20, 2010 6:20 AM
> >> >> To: cisspstudy at cccure.org
> >> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 18
> >> >>
> >> >>
> >> >>
> >> >> Janus,
> >> >>
> >> >> Thank you for adding your explanation of the question. I can see the
> >> >> logic
> >> >> and your formula makes it easy to understand, but should the public
> >> >> keys
> >> >> be
> >> >> counted as separate for each participant? Aren't they really just
> the
> >> >> same
> >> >> public key used by the 10 participants? The fact that Asymmetric
> >> >> encryption is described as more scalable than symmetric also points
> to
> >> >> this. If the were a symmetric case, the keys needed would be 45 .
> >> >> There
> >> >> is a also an example in the ISC2 guide which supports the approach
> >> >> which
> >> >> leads to the answer of 20.
> >> >>
> >> >> Tom Witwicki, CIPP
> >> >> Director, Information Security
> >> >> Hannaford Bros. Co.
> >> >> 207-885-2073
> >> >>
> >> >> Join me on Linkedin!
> >> >> http://www.linkedin.com/in/tomwitwicki
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> cisspstudy-reques
> >> >>
> >> >> t at cccure.org
> >> >>
> >> >> Sent by:
> >> >> To
> >> >> cisspstudy-bounce cisspstudy at cccure.org
> >> >>
> >> >> s at cccure.org
> >> >> cc
> >> >>
> >> >>
> >> >>
> >> >> Subject
> >> >> 01/19/2010 05:53 cisspstudy Digest, Vol 19,
> Issue
> >> >> 18
> >> >> PM
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> Please respond to
> >> >>
> >> >> cisspstudy at cccure
> >> >>
> >> >> .org
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> Send cisspstudy mailing list submissions to
> >> >> cisspstudy at cccure.org
> >> >>
> >> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >> or, via email, send a message with subject or body 'help' to
> >> >> cisspstudy-request at cccure.org
> >> >>
> >> >> You can reach the person managing the list at
> >> >> cisspstudy-owner at cccure.org
> >> >>
> >> >> When replying, please edit your Subject line so it is more specific
> >> >> than "Re: Contents of cisspstudy digest..."
> >> >>
> >> >>
> >> >> Today's Topics:
> >> >>
> >> >> 1. Re: cisspstudy Digest, Vol 19, Issue 16 (gerritsjs)
> >> >> 2. Re: cisspstudy Digest, Vol 19, Issue 16 (Saurabh Bhargava)
> >> >>
> >> >>
> >> >>
> ----------------------------------------------------------------------
> >> >>
> >> >> Message: 1
> >> >> Date: Tue, 19 Jan 2010 14:02:56 -0800
> >> >> From: "gerritsjs" <gerritsjs at gmail.com>
> >> >> To: "'The CISSP Study Mailing list'" <cisspstudy at cccure.org>,
> >> >> "'Nimal
> >> >> Gunarathna'" <ng949 at yahoo.com>
> >> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >> >> Message-ID: <4b562c14.0c07560a.29a4.ffffa51a at mx.google.com>
> >> >> Content-Type: text/plain; charset="us-ascii"
> >> >>
> >> >> Nimal, Tom;
> >> >>
> >> >> The question is "fully" communicated. Within a community of 10
> users,
> >> >> each user will have one private key. So we have 10 private keys.
> >> >> Public
> >> >> keys are as follows:
> >> >> For each user, there are 10 public keys. 10 users imply 100 public
> >> >> keys.
> >> >> This makes a total of 110 keys.
> >> >>
> >> >> Think of a Mesh Technology.
> >> >>
> >> >> Jonus
> >> >>
> >> >> -----Original Message-----
> >> >> From: cisspstudy-bounces at cccure.org
> >> >> [mailto:cisspstudy-bounces at cccure.org]
> >> >> On Behalf Of twitwicki at hannaford.com
> >> >> Sent: Tuesday, January 19, 2010 1:23 PM
> >> >> To: Nimal Gunarathna
> >> >> Cc: cisspstudy at cccure.org
> >> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >> >>
> >> >>
> >> >>
> >> >> Hi Nimal,
> >> >> I followed the same logic as you on this question. In order to
> >> >> get
> >> >> to the 110 answer each public key would have to be counted each time
> >> >> it's
> >> >> used which doesn't make sense. I've come across other examples from
> >> >> this
> >> >> book that are very questionable, which leads me to believe that the
> >> >> questions and answers have not been thouroughly vetted. Thank you
> for
> >> >> the
> >> >> reply.
> >> >>
> >> >> Tom Witwicki, CIPP
> >> >> Director, Information Security
> >> >> Hannaford Bros. Co.
> >> >> 207-885-2073
> >> >>
> >> >> Join me on Linkedin!
> >> >> http://www.linkedin.com/in/tomwitwicki
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> Nimal Gunarathna
> >> >> <ng949 at yahoo.com>
> >> >>
> >> >> To
> >> >> 01/19/2010 04:07 cisspstudy at cccure.org
> >> >> PM
> >> >> cc
> >> >> twitwicki at hannaford.com
> >> >>
> >> >> Subject
> >> >> Re: cisspstudy Digest, Vol 19,
> >> >> Issue 16
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> Hi Tom,
> >> >>
> >> >>
> >> >> This question puzzles me..
> >> >>
> >> >> In an asymmetric system how many keys are required for 10 users to
> >> >> fully
> >> >>
> >> >> communicate?
> >> >>
> >> >>
> >> >> Every user has a one private and a one public key. I can send my
> same
> >> >>
> >> >> public
> >> >>
> >> >> key to all others. For 10 people, 20 keys are needed.. I am not sure
> >> >> how
> >> >>
> >> >> 110 come from?
> >> >>
> >> >> Is this a private com session or just a different comm session with
> >> >> each
> >> >>
> >> >> pair?
> >> >>
> >> >>
> >> >> Thanks,
> >> >>
> >> >>
> >> >> Nimal Gunarathna
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> --- On Tue, 1/19/10, cisspstudy-request at cccure.org
> >> >>
> >> >> <cisspstudy-request at cccure.org> wrote:
> >> >>
> >> >>
> >> >> From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
> >> >>
> >> >> Subject: cisspstudy Digest, Vol 19, Issue 16
> >> >>
> >> >> To: cisspstudy at cccure.org
> >> >>
> >> >> Date: Tuesday, January 19, 2010, 11:00 AM
> >> >>
> >> >>
> >> >> Send cisspstudy mailing list submissions to
> >> >>
> >> >> cisspstudy at cccure.org
> >> >>
> >> >>
> >> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> >>
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >> or, via email, send a message with subject or body 'help' to
> >> >>
> >> >> cisspstudy-request at cccure.org
> >> >>
> >> >>
> >> >> You can reach the person managing the list at
> >> >>
> >> >> cisspstudy-owner at cccure.org
> >> >>
> >> >>
> >> >> When replying, please edit your Subject line so it is more specific
> >> >>
> >> >> than "Re: Contents of cisspstudy digest..."
> >> >>
> >> >>
> >> >>
> >> >> Today's Topics:
> >> >>
> >> >>
> >> >> 1. cisspstudy - Cryptography questions (twitwicki at hannaford.com
> )
> >> >>
> >> >> 2. Re: New to CISSP Cert (Mark Price)
> >> >>
> >> >> 3. Re: New to CISSP Cert (jack wang)
> >> >>
> >> >> 4. Re: New to CISSP Cert (Jeronimo Zucco)
> >> >>
> >> >>
> >> >>
> >> >>
> ----------------------------------------------------------------------
> >> >>
> >> >>
> >> >> Message: 1
> >> >>
> >> >> Date: Mon, 18 Jan 2010 14:48:26 -0500
> >> >>
> >> >> From: twitwicki at hannaford.com
> >> >>
> >> >> To: cisspstudy at cccure.org
> >> >>
> >> >> Subject: [Cisspstudy] cisspstudy - Cryptography questions
> >> >>
> >> >> Message-ID:
> >> >>
> >> >> <
> >> >>
> >> >>
> >> >>
> >> >>
> OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CCD97 at hannaford.com>
> >> >>
> >> >>
> >> >> Content-Type: text/plain; charset=US-ASCII
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> Hello all,
> >> >>
> >> >> I'd like your thoughts on these questions from Michael Gregg's
> >> >>
> >> >> CISSP
> >> >>
> >> >> Practice questions:
> >> >>
> >> >>
> >> >> In an asymmetric system how many keys are required for 10 users to
> >> >> fully
> >> >>
> >> >> communicate?
> >> >>
> >> >>
> >> >> A. 10
> >> >>
> >> >> B. 20
> >> >>
> >> >> C. 45
> >> >>
> >> >> D 110
> >> >>
> >> >>
> >> >> The answer states D. 110 - "Each user would have his private, phus
> >> >> his
> >> >>
> >> >> public key, plus each of the nine other public keys"
> >> >>
> >> >> Shouldn't the answer be B. 20 because the public keys is only
> couned
> >> >>
> >> >> once
> >> >>
> >> >> for each private/public pair? This also seems consistent with the
> >> >>
> >> >> formula
> >> >>
> >> >> for symmetric keys: N(N-1)/2 where N is the number of users needing
> to
> >> >>
> >> >> communicate. In this case the secret key is only counted once even
> if
> >> >>
> >> >> it's
> >> >>
> >> >> shared between users.
> >> >>
> >> >>
> >> >>
> >> >> Here's another question that has me puzzled:
> >> >>
> >> >>
> >> >> Which cryptographic system can be used for integrity, authenticity
> and
> >> >>
> >> >> non-repudiation?
> >> >>
> >> >>
> >> >> A. Asymmetric encryption
> >> >>
> >> >> B. Symmetric encryption
> >> >>
> >> >> C. Hashing
> >> >>
> >> >> D. None of the above
> >> >>
> >> >>
> >> >> The answers states A. Asymmetric. Shouldn't the answer be D. None
> of
> >> >> the
> >> >>
> >> >> above because Hashing is needed for integrity?
> >> >>
> >> >>
> >> >> Your thoughts will be much appreciated.
> >> >>
> >> >>
> >> >>
> >> >> Tom Witwicki, CIPP
> >> >>
> >> >> Director, Information Security
> >> >>
> >> >> Hannaford Bros. Co.
> >> >>
> >> >> 207-885-2073
> >> >>
> >> >>
> >> >> Join me on Linkedin!
> >> >>
> >> >> http://www.linkedin.com/in/tomwitwicki
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >>
> >> >> Message: 2
> >> >>
> >> >> Date: Mon, 18 Jan 2010 21:47:45 +0000
> >> >>
> >> >> From: "Mark Price" <prinext at gmail.com>
> >> >>
> >> >> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
> >> >>
> >> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> >>
> >> >> Message-ID:
> >> >>
> >> >> <
> >> >>
> >> >>
> >> >>
> >> >>
> 1180962559-1263851266-cardhu_decombobulator_blackberry.rim.net-147941822
> >> >> -
> >> >>
> >> >> @bda153.bisx.prod.on.blackberry>
> >> >>
> >> >>
> >> >> Content-Type: text/plain
> >> >>
> >> >>
> >> >> I have heard each edition is an update of the previous plus more of
> >> >> the
> >> >>
> >> >> latest technology and or standards.
> >> >>
> >> >> I have the 4th and the DVD set, they plus cccure.org worked for me.
> >> >>
> >> >> V/r,
> >> >>
> >> >>
> >> >> Mark Price
> >> >>
> >> >> PRINEXT
> >> >>
> >> >> c:240-743-7654
> >> >>
> >> >> mprice at prinext.com
> >> >>
> >> >> www.prinext.com
> >> >>
> >> >>
> >> >> -----Original Message-----
> >> >>
> >> >> From: Cert Prep <bugtraq.mailbox at gmail.com>
> >> >>
> >> >> Date: Mon, 18 Jan 2010 13:22:40
> >> >>
> >> >> To: The CISSP Study Mailing list<cisspstudy at cccure.org>
> >> >>
> >> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> >>
> >> >>
> >> >> Thanks Jeronimo. I will listen to it.
> >> >>
> >> >>
> >> >> I have Shon Harris Second Edition which I bought many years back. I
> >> >>
> >> >> have heard that 5th edition is about to come. Is it ok to prepare
> from
> >> >>
> >> >> second edition until 5th edition is out? Does anybody know the
> >> >>
> >> >> differences between 2nd and 4th? I am sure there will be many but
> are
> >> >>
> >> >> those drastic to the extent that I will have to revise the stuff,
> >> >>
> >> >> which I have already gone through using second edition, from 5th
> >> >>
> >> >> edition once it is published?
> >> >>
> >> >>
> >> >> Any help would be appreciated.
> >> >>
> >> >>
> >> >> Thanks.
> >> >>
> >> >> Adam
> >> >>
> >> >>
> >> >> On Mon, Jan 18, 2010 at 12:51 PM, Jeronimo Zucco <jczucco at gmail.com
> >
> >> >>
> >> >> wrote:
> >> >>
> >> >> > 2010/1/18 Cert Prep <bugtraq.mailbox at gmail.com>:
> >> >>
> >> >> >> Hi Folks,
> >> >>
> >> >> >>
> >> >>
> >> >> >> I am planning to prepare for CISSP Cert and would like to know
> >> >> which
> >> >>
> >> >> >> book or material is best for the preparations.
> >> >>
> >> >> >
> >> >>
> >> >> >
> >> >>
> >> >> > http://www.cccure.org/flash/intro/player.html
> >> >>
> >> >> >
> >> >>
> >> >> >
> >> >>
> >> >> >
> >> >>
> >> >> > --
> >> >>
> >> >> > Jeronimo Zucco
> >> >>
> >> >> > http://jczucco.blogspot.com
> >> >>
> >> >> >
> >> >>
> >> >> > _______________________________________________
> >> >>
> >> >> > cisspstudy mailing list
> >> >>
> >> >> > cisspstudy at cccure.org
> >> >>
> >> >> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >> >
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >>
> >> >> cisspstudy mailing list
> >> >>
> >> >> cisspstudy at cccure.org
> >> >>
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >>
> >> >> Message: 3
> >> >>
> >> >> Date: Tue, 19 Jan 2010 20:05:00 +0800
> >> >>
> >> >> From: jack wang <windjie at gmail.com>
> >> >>
> >> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >> >>
> >> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> >>
> >> >> Message-ID:
> >> >>
> >> >> <3c43566f1001190405t2bfd204as4a953dd160a5b92b at mail.gmail.com>
> >> >>
> >> >> Content-Type: text/plain; charset="iso-8859-1"
> >> >>
> >> >>
> >> >> Shon Harris Second Edition,plus www.cccure.org,they are enough
> >> >>
> >> >> -------------- next part --------------
> >> >>
> >> >> An HTML attachment was scrubbed...
> >> >>
> >> >> URL: <
> >> >>
> >> >>
> >> >>
> >> >>
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/0
> >> >> d
> >> >>
> >> >> 0b7b8f/attachment-0001.html>
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >>
> >> >> Message: 4
> >> >>
> >> >> Date: Tue, 19 Jan 2010 10:34:19 -0200
> >> >>
> >> >> From: Jeronimo Zucco <jczucco at gmail.com>
> >> >>
> >> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >> >>
> >> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> >>
> >> >> Message-ID:
> >> >>
> >> >> <2d6b298c1001190434i6f1eb72ct1157b63b80fe9301 at mail.gmail.com>
> >> >>
> >> >> Content-Type: text/plain; charset=ISO-8859-1
> >> >>
> >> >>
> >> >> All-in_one edition 5:
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2
> >> >> ?
> >> >>
> >> >> ie=UTF8&s=books&qid=1263898897&sr=8-2
> >> >>
> >> >>
> >> >> I always recommend the last edition, because of updates and
> >> >>
> >> >> corretions. Or you can read all erratas for your edition.
> >> >>
> >> >>
> >> >> 2010/1/19 jack wang <windjie at gmail.com>:
> >> >>
> >> >> > ?Shon Harris Second Edition,plus www.cccure.org,they are enough
> >> >>
> >> >> >
> >> >>
> >> >>
> >> >>
> >> >> --
> >> >>
> >> >> Jeronimo Zucco
> >> >>
> >> >> http://jczucco.blogspot.com
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >>
> >> >> cisspstudy mailing list
> >> >>
> >> >> cisspstudy at cccure.org
> >> >>
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >>
> >> >> End of cisspstudy Digest, Vol 19, Issue 16
> >> >>
> >> >> ******************************************
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >> cisspstudy mailing list
> >> >> cisspstudy at cccure.org
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >> Message: 2
> >> >> Date: Wed, 20 Jan 2010 04:23:33 +0530 (IST)
> >> >> From: Saurabh Bhargava <catchbhargava at yahoo.com>
> >> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >> >> Message-ID: <804072.93709.qm at web94803.mail.in2.yahoo.com>
> >> >> Content-Type: text/plain; charset="utf-8"
> >> >>
> >> >> Jonus, here is the catch.
> >> >>
> >> >> you say " For each user, there are 10 public keys. 10 users imply 100
> >> >> public keys" - but ALL these public keys are the same for all 10
> users,
> >> >> they aren't different so 10 users still will imply 10 Public keys ,
> >> >> even
> >> >> though author says "fully" communicate/Mesh technology.
> >> >>
> >> >> Tom, I would select the answers you've chosen for both the questions.
> >> >>
> >> >> Cheers, SB
> >> >>
> >> >>
> >> >>
> >> >> ________________________________
> >> >> From: gerritsjs <gerritsjs at gmail.com>
> >> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>; Nimal
> >> >> Gunarathna
> >> >> <ng949 at yahoo.com>
> >> >> Sent: Tue, 19 January, 2010 22:02:56
> >> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >> >>
> >> >> Nimal, Tom;
> >> >>
> >> >> The question is "fully" communicated. Within a community of 10
> users,
> >> >> each user will have one private key. So we have 10 private keys.
> >> >> Public
> >> >> keys are as follows:
> >> >> For each user, there are 10 public keys. 10 users imply 100 public
> >> >> keys.
> >> >> This makes a total of 110 keys.
> >> >>
> >> >> Think of a Mesh Technology.
> >> >>
> >> >> Jonus
> >> >>
> >> >> -----Original Message-----
> >> >> From: cisspstudy-bounces at cccure.org
> >> >> [mailto:cisspstudy-bounces at cccure.org]
> >> >> On Behalf Of twitwicki at hannaford.com
> >> >> Sent: Tuesday, January 19, 2010 1:23 PM
> >> >> To: Nimal Gunarathna
> >> >> Cc: cisspstudy at cccure.org
> >> >> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16
> >> >>
> >> >>
> >> >>
> >> >> Hi Nimal,
> >> >> I followed the same logic as you on this question. In order to
> >> >> get
> >> >> to the 110 answer each public key would have to be counted each time
> >> >> it's
> >> >> used which doesn't make sense. I've come across other examples from
> >> >> this
> >> >> book that are very questionable, which leads me to believe that the
> >> >> questions and answers have not been thouroughly vetted. Thank you
> for
> >> >> the
> >> >> reply.
> >> >>
> >> >> Tom Witwicki, CIPP
> >> >> Director, Information Security
> >> >> Hannaford Bros. Co.
> >> >> 207-885-2073
> >> >>
> >> >> Join me on Linkedin!
> >> >> http://www.linkedin.com/in/tomwitwicki
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> Nimal Gunarathna
> >> >> <ng949 at yahoo.com>
> >> >>
> >> >> To
> >> >> 01/19/2010 04:07 cisspstudy at cccure.org
> >> >> PM
> >> >> cc
> >> >> twitwicki at hannaford.com
> >> >>
> >> >> Subject
> >> >> Re: cisspstudy Digest, Vol 19,
> >> >> Issue 16
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> Hi Tom,
> >> >>
> >> >> This question puzzles me..
> >> >> In an asymmetric system how many keys are required for 10 users to
> >> >> fully
> >> >> communicate?
> >> >>
> >> >> Every user has a one private and a one public key. I can send my same
> >> >> public
> >> >> key to all others. For 10 people, 20 keys are needed.. I am not sure
> >> >> how
> >> >> 110 come from?
> >> >> Is this a private com session or just a different comm session with
> >> >> each
> >> >> pair?
> >> >>
> >> >> Thanks,
> >> >>
> >> >> Nimal Gunarathna
> >> >>
> >> >>
> >> >>
> >> >> --- On Tue, 1/19/10, cisspstudy-request at cccure.org
> >> >> <cisspstudy-request at cccure.org> wrote:
> >> >>
> >> >> From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
> >> >> Subject: cisspstudy Digest, Vol 19, Issue 16
> >> >>
> >> >> To: cisspstudy at cccure.org
> >> >> Date: Tuesday, January 19, 2010, 11:00 AM
> >> >>
> >> >> Send cisspstudy mailing list submissions to
> >> >> cisspstudy at cccure.org
> >> >>
> >> >> To subscribe or unsubscribe via the World Wide Web, visit
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >> or, via email, send a message with subject or body 'help' to
> >> >>
> >> >> cisspstudy-request at cccure.org
> >> >>
> >> >> You can reach the person managing the list at
> >> >> cisspstudy-owner at cccure.org
> >> >>
> >> >> When replying, please edit your Subject line so it is more specific
> >> >> than "Re: Contents of cisspstudy digest..."
> >> >>
> >> >>
> >> >> Today's Topics:
> >> >>
> >> >> 1. cisspstudy - Cryptography questions (twitwicki at hannaford.com
> )
> >> >>
> >> >> 2. Re: New to CISSP Cert (Mark Price)
> >> >>
> >> >> 3. Re: New to CISSP Cert (jack wang)
> >> >> 4. Re: New to CISSP Cert (Jeronimo Zucco)
> >> >>
> >> >>
> >> >>
> >> >>
> ----------------------------------------------------------------------
> >> >>
> >> >>
> >> >> Message: 1
> >> >>
> >> >> Date: Mon, 18 Jan 2010 14:48:26 -0500
> >> >> From: twitwicki at hannaford.com
> >> >> To: cisspstudy at cccure.org
> >> >> Subject: [Cisspstudy] cisspstudy - Cryptography questions
> >> >>
> >> >> Message-ID:
> >> >> <
> >> >>
> >> >>
> >> >>
> OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CCD97 at hannaford.com>
> >> >>
> >> >>
> >> >> Content-Type: text/plain; charset=US-ASCII
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> Hello all,
> >> >>
> >> >> I'd like your thoughts on these questions from Michael Gregg's
> >> >>
> >> >> CISSP
> >> >> Practice questions:
> >> >>
> >> >> In an asymmetric system how many keys are required for 10 users to
> >> >> fully
> >> >>
> >> >> communicate?
> >> >>
> >> >>
> >> >> A. 10
> >> >> B. 20
> >> >> C. 45
> >> >> D 110
> >> >>
> >> >> The answer states D. 110 - "Each user would have his private, phus
> >> >> his
> >> >> public key, plus each of the nine other public keys"
> >> >>
> >> >> Shouldn't the answer be B. 20 because the public keys is only
> couned
> >> >> once
> >> >>
> >> >> for each private/public pair? This also seems consistent with the
> >> >>
> >> >> formula
> >> >> for symmetric keys: N(N-1)/2 where N is the number of users needing
> to
> >> >>
> >> >> communicate. In this case the secret key is only counted once even
> if
> >> >>
> >> >> it's
> >> >>
> >> >> shared between users.
> >> >>
> >> >>
> >> >> Here's another question that has me puzzled:
> >> >>
> >> >>
> >> >> Which cryptographic system can be used for integrity, authenticity
> and
> >> >>
> >> >> non-repudiation?
> >> >>
> >> >>
> >> >> A. Asymmetric encryption
> >> >>
> >> >> B. Symmetric encryption
> >> >>
> >> >> C. Hashing
> >> >>
> >> >> D. None of the above
> >> >>
> >> >>
> >> >> The answers states A. Asymmetric. Shouldn't the answer be D. None
> of
> >> >> the
> >> >>
> >> >> above because Hashing is needed for integrity?
> >> >>
> >> >>
> >> >> Your thoughts will be much appreciated.
> >> >>
> >> >>
> >> >> Tom Witwicki, CIPP
> >> >>
> >> >> Director, Information Security
> >> >>
> >> >> Hannaford Bros. Co.
> >> >> 207-885-2073
> >> >>
> >> >>
> >> >> Join me on Linkedin!
> >> >>
> >> >> http://www.linkedin.com/in/tomwitwicki
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >>
> >> >> Message: 2
> >> >>
> >> >> Date: Mon, 18 Jan 2010 21:47:45 +0000
> >> >> From: "Mark Price" <prinext at gmail.com>
> >> >>
> >> >> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
> >> >>
> >> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> >> Message-ID:
> >> >> <
> >> >>
> >> >>
> >> >>
> 1180962559-1263851266-cardhu_decombobulator_blackberry.rim.net-147941822
> >> >> -
> >> >>
> >> >> @bda153.bisx.prod.on.blackberry>
> >> >>
> >> >>
> >> >> Content-Type: text/plain
> >> >>
> >> >>
> >> >> I have heard each edition is an update of the previous plus more of
> >> >> the
> >> >> latest technology and or standards.
> >> >> I have the 4th and the DVD set, they plus cccure.org worked for me.
> >> >> V/r,
> >> >>
> >> >>
> >> >> Mark Price
> >> >>
> >> >> PRINEXT
> >> >> c:240-743-7654
> >> >>
> >> >> mprice at prinext.com
> >> >>
> >> >> www.prinext.com
> >> >>
> >> >> -----Original Message-----
> >> >>
> >> >> From: Cert Prep <bugtraq.mailbox at gmail.com>
> >> >> Date: Mon, 18 Jan 2010 13:22:40
> >> >> To: The CISSP Study Mailing list<cisspstudy at cccure.org>
> >> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> >>
> >> >> Thanks Jeronimo. I will listen to it.
> >> >>
> >> >> I have Shon Harris Second Edition which I bought many years back. I
> >> >> have heard that 5th edition is about to come. Is it ok to prepare
> from
> >> >>
> >> >> second edition until 5th edition is out? Does anybody know the
> >> >>
> >> >> differences between 2nd and 4th? I am sure there will be many but
> are
> >> >> those drastic to the extent that I will have to revise the stuff,
> >> >> which I have already gone through using second edition, from 5th
> >> >>
> >> >> edition once it is published?
> >> >>
> >> >> Any help would be appreciated.
> >> >>
> >> >>
> >> >> Thanks.
> >> >> Adam
> >> >>
> >> >>
> >> >> On Mon, Jan 18, 2010 at 12:51 PM, Jeronimo Zucco <jczucco at gmail.com
> >
> >> >>
> >> >> wrote:
> >> >>
> >> >> > 2010/1/18 Cert Prep <bugtraq.mailbox at gmail.com>:
> >> >>
> >> >> >> Hi Folks,
> >> >>
> >> >> >>
> >> >>
> >> >> >> I am planning to prepare for CISSP Cert and would like to know
> >> >> which
> >> >> >> book or material is best for the preparations.
> >> >> >
> >> >> >
> >> >> > http://www.cccure.org/flash/intro/player.html
> >> >> >
> >> >> >
> >> >> >
> >> >> > --
> >> >>
> >> >> > Jeronimo Zucco
> >> >>
> >> >> > http://jczucco.blogspot.com
> >> >> >
> >> >> > _______________________________________________
> >> >> > cisspstudy mailing list
> >> >> > cisspstudy at cccure.org
> >> >> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >> >
> >> >>
> >> >> _______________________________________________
> >> >> cisspstudy mailing list
> >> >> cisspstudy at cccure.org
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >>
> >> >> Message: 3
> >> >>
> >> >> Date: Tue, 19 Jan 2010 20:05:00 +0800
> >> >> From: jack wang <windjie at gmail.com>
> >> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >> >>
> >> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> >> Message-ID:
> >> >> <3c43566f1001190405t2bfd204as4a953dd160a5b92b at mail.gmail.com>
> >> >> Content-Type: text/plain; charset="iso-8859-1"
> >> >>
> >> >>
> >> >> Shon Harris Second Edition,plus www.cccure.org,they are enough
> >> >>
> >> >> -------------- next part --------------
> >> >> An HTML attachment was scrubbed...
> >> >>
> >> >> URL: <
> >> >>
> >> >>
> >> >>
> >> >>
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/0
> >> >> d
> >> >>
> >> >> 0b7b8f/attachment-0001.html>
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >>
> >> >> Message: 4
> >> >>
> >> >> Date: Tue, 19 Jan 2010 10:34:19 -0200
> >> >> From: Jeronimo Zucco <jczucco at gmail.com>
> >> >>
> >> >> To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> >> >>
> >> >> Subject: Re: [Cisspstudy] New to CISSP Cert
> >> >> Message-ID:
> >> >> <2d6b298c1001190434i6f1eb72ct1157b63b80fe9301 at mail.gmail.com>
> >> >> Content-Type: text/plain; charset=ISO-8859-1
> >> >>
> >> >>
> >> >> All-in_one edition 5:
> >> >>
> >> >>
> >> >>
> >> >>
> http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2
> >> >> ?
> >> >>
> >> >> ie=UTF8&s=books&qid=1263898897&sr=8-2
> >> >>
> >> >> I always recommend the last edition, because of updates and
> >> >> corretions. Or you can read all erratas for your edition.
> >> >>
> >> >> 2010/1/19 jack wang <windjie at gmail.com>:
> >> >>
> >> >> > ?Shon Harris Second Edition,plus www.cccure.org,they are enough
> >> >> >
> >> >>
> >> >>
> >> >> --
> >> >>
> >> >> Jeronimo Zucco
> >> >>
> >> >> http://jczucco.blogspot.com
> >> >>
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >> cisspstudy mailing list
> >> >> cisspstudy at cccure.org
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >>
> >> >> End of cisspstudy Digest, Vol 19, Issue 16
> >> >>
> >> >> ******************************************
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >> cisspstudy mailing list
> >> >> cisspstudy at cccure.org
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >> cisspstudy mailing list
> >> >> cisspstudy at cccure.org
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> -------------- next part --------------
> >> >> An HTML attachment was scrubbed...
> >> >> URL: <
> >> >>
> >> >>
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100120/6
> >> >>
> >> >> b681<
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100120/6b681
> >
> >> >> 638/attachment.html
> >> >> >
> >> >>
> >> >> ------------------------------
> >> >>
> >> >> _______________________________________________
> >> >> cisspstudy mailing list
> >> >> cisspstudy at cccure.org
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >> End of cisspstudy Digest, Vol 19, Issue 18
> >> >> ******************************************
> >> >>
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >> cisspstudy mailing list
> >> >> cisspstudy at cccure.org
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >> cisspstudy mailing list
> >> >> cisspstudy at cccure.org
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >>
> >> >> ------------------------------
> >> >>
> >> >> _______________________________________________
> >> >> cisspstudy mailing list
> >> >> cisspstudy at cccure.org
> >> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >>
> >> >>
> >> >> End of cisspstudy Digest, Vol 19, Issue 23
> >> >> ******************************************
> >> >>
> >> >
> >> >
> >> > _______________________________________________
> >> > CISSPstudy mailing list
> >> > CISSPstudy at cccure.org
> >> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >> >
> >> >
> >> -------------- next part --------------
> >> An HTML attachment was scrubbed...
> >> URL:
> >> <
> http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100210/f28ae78a/attachment.html
> >
> >>
> >> ------------------------------
> >>
> >> _______________________________________________
> >> CISSPstudy mailing list
> >> CISSPstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >> End of CISSPstudy Digest, Vol 20, Issue 5
> >> *****************************************
> >
> >
> > _______________________________________________
> > CISSPstudy mailing list
> > CISSPstudy at cccure.org
> > http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >
> >
>
> _______________________________________________
> CISSPstudy mailing list
> CISSPstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100211/df88d890/attachment-0001.html>
More information about the CISSPstudy
mailing list