I passed my CISSP exam last week. Thanks for all my fellow study group members. You are very helpful in my preparation for the exam. This is a great forum and appreciate the comradery among the team members. Thanks.

A recent security audit is reporting several unsuccessful login attempts being repeated at specific times during the day on an Internet facing authentication server. No alerts have been generated by the security information and event management (SIEM) system . What PRIMARY action should be taken to improve SIEM performance? A. Implement role-based system monitoring B. Audit firewall logs to identify the source of login attempts C. Enhance logging detail D. Confirm alarm thresholds

Charles wants to deploy a credential management system (CMS) and keep the keys as secure as possible. Which of the following is the best design option for his CMS implementation?

A financial institution wants to segment its internal network to reduce the risk of sensitive financial data being accessed by unauthorized employees. The segmentation must allow for monitoring and inspection of traffic between the segments. Which of the following would best meet these requirements? A. Implement virtual LANs (VLANs) without firewall rules between them. B. Deploy firewalls with strict access control lists (ACLs) between network segments. C. Use network address translation (NAT) to isolate the segments. D. Rely on intrusion detection systems (IDS) to monitor segment traffic.

During a routine audit, you discover that an employee has been accessing sensitive financial data unrelated to their job function for several months. The activity was flagged by a security information and event management (SIEM) system, but no action was taken. Which process failure is most likely responsible, and how should it be addressed? A. Inadequate user training; implement mandatory security awareness programs. B. Poor SIEM configuration; refine alert thresholds and automate escalations. C. Insufficient monitoring coverage; deploy enhanced data loss prevention (DLP) tools. D. Lack of incident response procedures; create a clear escalation matrix for alerts.