exam questions

Exam CSSLP All Questions

View all questions & answers for the CSSLP exam

Exam CSSLP topic 1 question 24 discussion

Actual exam question from ISC's CSSLP
Question #: 24
Topic #: 1
[All CSSLP Questions]

Which of the following security design patterns provides an alternative by requiring that a user's authentication credentials be verified by the database before providing access to that user's data?

  • A. Secure assertion
  • B. Authenticated session
  • C. Password propagation
  • D. Account lockout
Show Suggested Answer Hide Answer
Suggested Answer: access to that user's data. Answer: D is incorrect. Account lockout implements a limit on the incorrect password attempts to protect an account from automated 🗳️
Password propagation provides an alternative by requiring that a user's authentication credentials be verified by the database before providing specific sanity checks throughout the system.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
74gjd_37
5 months, 2 weeks ago
Selected Answer: C
There is a "Security Patterns Repository" by Darrell M. Kienzle, Matthew C. Elder, David Tyree, James Edwards-Hewitt at https://www.cse.msu.edu/~cse870/Homework/SS2005/HW5/Kienzle.pdf There is a secure design pattern called "Password Propagation" that means the following (quote): "Many Web applications rely on a single database account to store and manage all user data. If such an application is compromised, the attacker might have complete access to every user’s data. The Password Propagation pattern provides an alternative by requiring that an individual user’s authentication credentials be verified by the database before access is provided to that user's data."
upvoted 1 times
...
4e3rv21rq3vq2q
1 year, 8 months ago
Selected Answer: C
Correct Answer: С
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago