Topic 2: Security Operations Administration
Which of the following security controls might force an operator into collusion with
personnel assigned organizationally within a different function in order to gain access to
unauthorized data?
A. Limiting the local access of operations personnel
B. Job rotation of operations personnel
C. Management monitoring of audit logs
D. Enforcing regular password changes
Answer: A. Limiting the local access of operations personnel
The question specifically says "within a different function", which eliminates
Job Rotation as a choice.
Management monitoring of audit logs is a detective control; it would not prevent
collusion.
Changing passwords regularly would not prevent such an attack.
This question validates whether you understand the concepts of separation of duties and least
privilege. By giving operators only the minimum access level they need to do their duties
within the company, the operations personnel would be forced to use collusion to defeat those
security mechanisms.
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
Related to information security, the guarantee that the message sent is the message
received with the assurance that the message was not intentionally or unintentionally
altered is an example of which of the following?
A. integrity
B. confidentiality
C. availability
D. identity
Answer: A. integrity
Integrity is the guarantee that the message sent is the message received,
and that the message was not intentionally or unintentionally altered.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 60.
What is it called when a computer uses more than one CPU in parallel to execute
instructions?
A. Multiprocessing
B. Multitasking
C. Multithreading
D. Parallel running
Answer: A. Multiprocessing
A system with multiple processors is called a multiprocessing system.
Multitasking is incorrect. Multitasking involves sharing the processor among all ready
processes. Though it appears to the user that multiple processes are executing at the
same time, only one process is running at any point in time.
Multithreading is incorrect. The developer can structure a program as a collection of
independent threads to achieve better concurrency. For example, one thread of a program
might be performing a calculation while another is waiting for additional input from the user.
"Parallel running" is incorrect. This is not a real term and is just a distraction.
References:
CBK, pp. 315-316
AIO3, pp. 234 - 239
Which of the following is an advantage of prototyping?
A. Prototype systems can provide significant time and cost savings.
B. Change control is often less complicated with prototype systems.
C. It ensures that functions or extras are not added to the intended system.
D. Strong internal controls are easier to implement.
Answer: A. Prototype systems can provide significant time and cost savings.
Prototype systems can provide significant time and cost savings; however,
they also have several disadvantages. They often have poor internal controls, change
control becomes much more complicated, and prototyping often leads to functions or extras being
added to the system that were not originally intended.
Source: Information Systems Audit and Control Association, Certified Information Systems
Auditor 2002 review manual, chapter 6: Business Application System Development,
Acquisition, Implementation and Maintenance (page 306).
Related to information security, confidentiality is the opposite of which of the following?
A. closure
B. disclosure
C. disposal
D. disaster
Answer: B. disclosure
Confidentiality is the opposite of disclosure.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the
Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 59.
Which of the following is not a method to protect objects and the data within the objects?
A. Layering
B. Data mining
C. Abstraction
D. Data hiding
Answer: B. Data mining
Data mining is used to reveal hidden relationships, patterns and trends by
running queries on large data stores.
Data mining is the act of collecting and analyzing large quantities of information to
determine patterns of use or behavior and use those patterns to form conclusions about
past, current, or future behavior. Data mining is typically used by large organizations with
large databases of customer or consumer behavior. Retail and credit companies will use
data mining to identify buying patterns or trends in geographies, age groups, products, or
services. Data mining is essentially the statistical analysis of general information in the
absence of specific data.
The following are incorrect answers:
They are incorrect because they all apply to protecting objects and the data within them.
Layering, abstraction and data hiding are related concepts that can work together to
produce modular software that implements an organization's security policies and is more
reliable in operation.
Layering is incorrect. Layering assigns specific functions to each layer and communication
between layers is only possible through well-defined interfaces. This helps preclude
tampering in violation of security policy. In computer programming, layering is the
organization of programming into separate functional components that interact in some
sequential and hierarchical way, with each layer usually having an interface only to the
layer above it and the layer below it.
Abstraction is incorrect. Abstraction "hides" the particulars of how an object functions or
stores information and requires the object to be manipulated through well-defined
interfaces that can be designed to enforce security policy. Abstraction involves the removal
of characteristics from an entity in order to easily represent its essential properties.
Data hiding is incorrect. Data hiding conceals the details of information storage and
manipulation within an object by exposing only well-defined interfaces to the information
rather than the information itself. For example, the details of how passwords are stored
could be hidden inside a password object with exposed interfaces such as
check_password, set_password, etc. When a password needs to be verified, the test
password is passed to the check_password method and a boolean (true/false) result is
returned to indicate whether the password is correct, without revealing any details of how or
where the real passwords are stored. Data hiding maintains activities at different security levels to
separate these levels from each other.
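The password object described above, written out as an added example (this code is not from the CISSP guide or any of the cited sources). The only public surface is set_password and check_password; the salted digests live in a name-mangled attribute that the interface never returns. The choice of PBKDF2 with SHA-256, a 16-byte salt and the iteration count, and the sample user "alice", are assumptions made for this example.

```python
import hashlib
import hmac
import os


class PasswordStore:
    """Hides how and where credentials are stored behind a small interface.

    Callers can only set_password and check_password; the salted PBKDF2
    digests are kept in a name-mangled attribute and are never returned.
    The algorithm parameters below are assumptions chosen for this example,
    not values taken from the CISSP text.
    """

    _ITERATIONS = 100_000

    def __init__(self) -> None:
        # {username: (salt, digest)} - internal, not part of the exposed interface
        self.__records = {}

    @classmethod
    def _derive(cls, password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, cls._ITERATIONS
        )

    def set_password(self, username: str, password: str) -> None:
        """Store a fresh salted digest; the plaintext is never kept."""
        salt = os.urandom(16)
        self.__records[username] = (salt, self._derive(password, salt))

    def check_password(self, username: str, password: str) -> bool:
        """Return only True/False; nothing about the stored digest leaks."""
        record = self.__records.get(username)
        if record is None:
            # Same cost as a real check so timing does not reveal which usernames exist.
            self._derive(password, bytes(16))
            return False
        salt, expected = record
        # Constant-time comparison: the boolean, not the digest, is the only output.
        return hmac.compare_digest(self._derive(password, salt), expected)


def demo() -> dict:
    """Exercise the interface on a constructed sample user."""
    store = PasswordStore()
    store.set_password("alice", "correct horse battery staple")  # constructed sample
    return {
        "right": store.check_password("alice", "correct horse battery staple"),
        "wrong": store.check_password("alice", "Tr0ub4dor&3"),
        "unknown": store.check_password("bob", "anything"),
        # The public surface exposes no 'records' attribute; the mangled name is internal.
        "hidden": not hasattr(store, "records") and "__records" not in vars(store),
    }


if __name__ == "__main__":
    print(demo())
```

A caller learns only the boolean verdict; storage format, salt handling and the comparison routine can all change without any caller noticing, which is the point of hiding the data behind the interface.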
The following reference(s) were used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third
Edition ((ISC)2 Press) (Kindle Locations 27535-27540). Auerbach Publications. Kindle
Edition.
and
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third
Edition ((ISC)2 Press) (Kindle Locations 4269-4273). Auerbach Publications. Kindle
Edition.
When it comes to magnetic media sanitization, what difference can be made between
clearing and purging information?
A. Clearing completely erases the media whereas purging only removes file headers,
allowing the recovery of files.
B. Clearing renders information unrecoverable by a keyboard attack and purging renders
information unrecoverable against laboratory attack.
C. They both involve rewriting the media.
D. Clearing renders information unrecoverable against a laboratory attack and purging
renders information unrecoverable to a keyboard attack.
Answer: B. Clearing renders information unrecoverable by a keyboard attack and purging renders
information unrecoverable against laboratory attack.
The removal of information from a storage medium is called sanitization.
Different kinds of sanitization provide different levels of protection. A distinction can be
made between clearing information (rendering it unrecoverable by a keyboard attack) and
purging (rendering it unrecoverable against laboratory attack).
There are three general methods of purging media: overwriting, degaussing, and
destruction.
There should be continuous assurance that sensitive information is protected and not
allowed to be placed in a circumstance wherein a possible compromise can occur. There are two primary levels of threat that the protector of information must guard against:
keyboard attack (information scavenging through system software capabilities) and
laboratory attack (information scavenging through laboratory means). Procedures should
be implemented to address these threats before the Automated Information System (AIS)
is procured, and the procedures should be continued throughout the life cycle of the AIS.
Reference(s) used for this question:
SWANSON, Marianne & GUTTMAN, Barbara, National Institute of Standards and
Technology (NIST), NIST Special Publication 800-14, Generally Accepted Principles and
Practices for Securing Information Technology Systems, September 1996 (page 26).
and
A guide to understanding Data Remanence in Automated Information Systems
Which of the following is often the greatest challenge of distributed computing solutions?
A. scalability
B. security
C. heterogeneity
D. usability
Answer: B. security
The correct answer is "security". It is a major factor in deciding whether a
centralized or decentralized environment is more appropriate.
Example: In a centralized computing environment, you have a central server, and
workstations (often "dumb terminals") access applications, data, and everything else from
that central server. Therefore, the vast majority of your security resides on a centrally
managed server. In a decentralized (or distributed) environment, you have a collection of
PCs, each with its own operating system to maintain, its own software to maintain, and
local data storage requiring protection and backup. You may also have PDAs and "smart
phones", data watches, USB devices of all types able to store data... the list gets longer all
the time.
It is entirely possible to reach a reasonable and acceptable level of security in a distributed environment. But doing so is significantly more difficult, requiring more effort, more money,
and more time.
The other answers are not correct because:
scalability - A distributed computing environment is almost infinitely scalable. Much more so
than a centralized environment. This is therefore a bad answer.
heterogeneity - Having products and systems from multiple vendors in a distributed
environment is significantly easier than in a centralized environment. This would not be a
"challenge of distributed computing solutions" and so is not a good answer.
usability - This is potentially a challenge in either environment, but whether or not this is a
problem has very little to do with whether it is a centralized or distributed environment.
Therefore, this would not be a good answer.
Reference:
Official ISC2 Guide page: 313-314
All in One Third Edition page: (unavailable at this time)
Which of the following best describes the purpose of debugging programs?
A. To generate random data that can be used to test programs before implementing them.
B. To ensure that program coding flaws are detected and corrected.
C. To protect, during the programming phase, valid changes from being overwritten by
other changes.
D. To compare source code versions before transferring to the test environment
Answer: B. To ensure that program coding flaws are detected and corrected.
Debugging provides the basis for the programmer to correct the logic errors
in a program under development before it goes into production.
Source: Information Systems Audit and Control Association, Certified Information Systems
Auditor 2002 review manual, chapter 6: Business Application System Development, Acquisition, Implementation and Maintenance (page 298).
Which of the following is the act of performing tests and evaluations to test a system's
security level to see if it complies with the design specifications and security requirements?
A. Validation
B. Verification
C. Assessment
D. Accuracy
Answer: B. Verification
Verification vs. Validation:
Verification determines if the product accurately represents and meets the specifications. A
product can be developed that does not match the original specifications. This step
ensures that the specifications are properly met.
Validation determines if the product provides the necessary solution to the intended real-world
problem. In large projects, it is easy to lose sight of the overall goal. This exercise ensures that
the main goal of the project is met.
From DITSCAP:
6.3.2. Phase 2, Verification. The Verification phase shall include activities to verify
compliance of the system with previously agreed security requirements. For each life-cycle
development activity, DoD Directive 5000.1 (reference (i)), there is a corresponding set of
security activities, enclosure 3, that shall verify compliance with the security requirements
and evaluate vulnerabilities.
6.3.3. Phase 3, Validation. The Validation phase shall include activities to evaluate the fully
integrated system to validate system operation in a specified computing environment with
an acceptable level of residual risk. Validation shall culminate in an approval to operate.
You must also be familiar with Verification and Validation for the purpose of the exam. A
simple definition of Verification would be whether or not the developers followed the
design specifications along with the security requirements. A simple definition of Validation would be whether or not the final product meets the end user's needs and can be used for a
specific purpose.
Wikipedia has an informal description that is currently written as: Validation can be
expressed by the query "Are you building the right thing?" and Verification by "Are you
building it right?"
NOTE:
DITSCAP was replaced by DIACAP some time ago (2007). While DITSCAP defined
both a verification and a validation phase, DIACAP only has a validation phase. It may
not make a difference in the answer for the exam; however, DIACAP is the cornerstone
policy of DoD C&A and IA efforts today. Be familiar with both terms in case the exam is
suddenly updated with the new term.
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 1106). McGraw-
Hill. Kindle Edition.
http://iase.disa.mil/ditscap/DITSCAP.html
https://en.wikipedia.org/wiki/Verification_and_validation