Valid CISSP Dumps shared by EduDump.com for Helping Passing CISSP Exam! EduDump.com now offer the newest CISSP exam dumps, the EduDump.com CISSP exam questions have been updated and answers have been corrected get the newest EduDump.com CISSP dumps with Test Engine here:
When dealing with shared, privilaged accounts, especially those for emergencies, what is the BEST way to assure non-repudiation of logs?
Correct Answer: B
The storage of credentials in a central location is referred to as credential management or password vault(PV). Often these tools employ a master credential set (multifactor being preferred) to unlock dataset when needed. Some can even provide auto-login options for apps and websites. PV offer means to securely store a plethora of credential sets. PVs are often software solutions, sometimes hardware based/local only/cloud storage to generate and store credentials for sites, services, devices, and other secrets. The vault itself is encrypted and must be unlocked to regain access to the stored items. Most PVs use specialized password hashing functions such as PBKDF2 or Bcrypt that add salt and repeat hashing functions many times by key stretching techniques to convert the PVs master password into a reasonably strong encryption key. Cryptography provides CIA and nonrepudiation(NR) for sensitive info. NR is made possible thru identification and AAAA. It can be established using digital certificates, session identifiers, transaction logs, other transactional and access control mechanisms. NR requires use of PKI cryptosystem.