|
Home > Archive > Security+ > April 2004 > Failed but with Questions
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Failed but with Questions
|
|
| donaldmc 2004-04-12, 11:54 am |
| I failed the exam scored a 726. I know that most of the questions I got wrong were policy type questions having mainly a help desk background I tend to blame the user for everything and not wanting to give them any information as I believe they will put it to bad use or no use at all. However, there are a few questions I have before I take the exam again. I could not find satisfactory answers for or I found contradicting information on.
1. What model or terminology is based on MAC methods? Some of the answers were Clark-Wilson, Bell-La Padula. I can’t find any information on these in the Syngress book. I have found bit’s a pieces of information on the net, but I’m looking for the names of well known models based on all the access control methods. (MAC, DAC, and RBAC)
2. The second question is a disagreement with a friend. I say PPTP can only work on IP based networks as said in the Syngress book. He says L2TP and bases the answer from some internet site. Which is right?
3. The third and final question. On the exam there was a question that I thought was odd. When designing a computer room which of the following should be done. I narrowed it down to 2 answers. Fire proof doors which would one could open easily or a procedure to shutdown equipment if a fire broke out. I choose the doors. To me there is a fire get me out, I mean shutting down the equipment is not going to help when the fire turns them ash.
Any help would be appreciated. | |
| Supertech 2004-04-12, 2:29 pm |
| 1. The Bell-LaPadula Model is a multilevel security system using mandatory access controls to grant access to a latice of data classifications.
2. L2TP is so named name because it facilitates the tunnelling of the
Link Layer of the Point to Point Protocol via IP. Hence, using L2TP, if two devices are able to communicate via IP, a PPP session can be established between them, regardless of the fact that there are other devices in the path between the end points.
3. Beyond fire suppression equipment, consider logistical planning. The theory
goes that nobody should be in the building when the fire alarm goes off. And, how many
movies have you seen where someone sets off a fire alarm to get everyone out of the
building while the actor/actress goes for a quick data mining trip? I guess the movie
would have to take a different turn if the computers shut down when there was an alarm. | |
| donaldmc 2004-04-12, 2:38 pm |
| Thanks, do know where I can find more information on the Access Control Models? | |
| Supertech 2004-04-12, 2:40 pm |
| google. | |
|
|
| chartley3 2004-04-13, 3:25 pm |
| I failed the exam today with a 724 however you can ask for a formal regrade of the exam by emailing CompTIA. I did find a few questions that were contradictive to what is written in the CISSP prep guides. It may not help with the grade but it does help point out some flaws to the exam. | |
|
| LOL - and even though I missed by 1 question and could prove at least 5 were invalid it did not get me anywhere. They use the "There are some test questions on the exam that are not marked" argument to defend themselves. |
|
|
|
|