Activity
Mon
Wed
Fri
Sun
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
Jan
What is this?
Less
More

Memberships

CISSP Study Group

Public • 1k • Free

75 contributions to CISSP Study Group
Practice Question
Which of the following is the FIRST requirement a data owner should consider before implementing a data retention policy? A. Training B. Legal C. Business D. Storage
0
7
New comment 23h ago
1 like • 5d
I would go for busines ( and i think Policy as additional word) it starts with the policy. Policy / Standdards / Procedures
1 like • 1d
@Owen Chin It's hard, I choose Business because I added myself the word "Policy". One of the exam tips states, do not make up any additional words in a question... So without poicy legal would be ok. If I take policy in account, which I did, the policy would say "We as company have our datacenters in a foreign place and will comply to the local legal rules to prevent fines (and such costs)." So the policy transcend legal rules and storage standards and training. One answer holds all of the others, this is one of the other exam tips.
Practice Question
Your organization has recently deployed a patch management system to automate updates. However, shortly after a critical patch was applied, a key application stopped functioning, disrupting business operations. What is the best way to prevent such incidents in the future? A. Roll back the patch and delay future updates until the issue is resolved. B. Implement a test environment to evaluate patches before deployment. C. Limit patch deployments to non-critical systems during business hours. D. Require vendor verification before applying critical patches.
0
4
New comment 2d ago
1 like • 2d
A is the Current Issue - and the Question States "in the future" C will not solve Critical patches, D. Vendor verification won't prefent a Patch from Disrupting Business.. So B sounds best!
Practice Question
An external audit of your organization’s disaster recovery plan reveals that backups are not encrypted, exposing sensitive data to potential breaches during transit or storage. Which of the following should be implemented immediately to address this finding? A. Implement full disk encryption on all backup storage devices. B. Transition to incremental backups to minimize data exposure. C. Configure end-to-end encryption for all backup processes. D. Move backups to a private cloud infrastructure with built-in security.
0
3
New comment 2d ago
0 likes • 2d
Yup go for A
Practice Question
You are responsible for managing a 24/7 Security Operations Center (SOC). Recently, analysts have reported an increase in false positives from intrusion detection systems (IDS), leading to fatigue and delayed responses to actual incidents. What is the most effective solution to address this issue? A. Increase the number of SOC analysts to handle the alert volume. B. Conduct a baseline review of network traffic and fine-tune IDS rule sets. C. Replace the current IDS with an intrusion prevention system (IPS) for better accuracy. D. Implement an automated incident response system to reduce analyst involvement.
0
3
New comment 3d ago
0 likes • 3d
So during the remedation and or lessons learned phase we should perform B - Grab it at the Root !
Practice Question
A cloud service provider (CSP) offers various data storage options to its customers. A customer needs to store highly sensitive financial data with strict regulatory compliance requirements. Which of the following storage options offered by the CSP would be MOST appropriate? A. Object storage, offering high scalability and cost-effectiveness for unstructured data. B. Ephemeral storage, providing temporary storage for short-lived workloads. C. Block storage with server-side encryption and customer-managed encryption keys, providing granular control and enhanced security. D. File storage with access control lists (ACLs) for basic access management.
0
5
New comment 6d ago
1 like • 7d
C
1-10 of 75
Tom de Tukker
4
70points to level up
@tom-de-tukker-9919
ICT Engineer / Ⓢⓔⓒⓤⓡⓘ ⓣⓨ / Sysops / KQL / Ⓟⓡⓘⓥⓐⓒⓨ

Active 22h ago
Joined Dec 1, 2024
powered by