CISSP 2024 Practice Questions (Scenario-Based) - Domain 7: Security Operations

  • Published: 24 Aug 2024
  • CISSP Domain 7 covers security operations and accounts for 13% of the CISSP exam. Day-to-day security tasks are not limited to an information security professional monitoring security incidents in a dark SOC computer lab. Instead, security operations is a broad category of information security tasks that ranges from how an organization handles security investigations to applying resource protection to maintaining detective measures.

Comments • 11

  • @TonyMontana-pe6vf 2 days ago

    An intelligent AI machine speaking.

  • @Tradmos 5 months ago +1

    Question 6. Establishing a recovery site is a long-term recovery plan and may not be an immediate priority for restoration. A more correct answer should have been implementing an already existing recovery site. The choice of words can often mislead the student to pick the wrong answer.

    • @InfoSecGuardians 5 months ago

      Thanks for your review.
      The question talks about strategy and not solution.
      Secondly, "implementing an already existing recovery site" is not part of the available choices.
      Establishing a recovery site strategy (Option B) should be prioritized for the organization because it ensures business continuity by providing an alternate location for restoring critical systems and data in the event of a cyberattack. While other options such as implementing backup storage strategies, enhancing system resilience, and implementing fault tolerance measures are important, they may not directly address the need for a recovery site to quickly restore operations and minimize the impact of the cyberattack.

  • @Tradmos 5 months ago

    Question 5 specifically asks which action should be taken FIRST when investigating activities in the SIEM logs and there was no mention of the company using firewalls. If you claim a security company implements a SIEM solution to monitor and manage security events, all eyes will go to the SIEM if there is a breach. Checking the firewall logs is a correct answer but the questions should be made very clear in this situation.

    • @InfoSecGuardians 5 months ago

      You're absolutely right. The question should indeed provide clearer guidance on the specific actions to take when investigating suspicious activities in the SIEM logs. While analyzing firewall logs is a crucial step, the question could have been clearer to avoid any ambiguity. Thank you for highlighting this point.

    • @faboge 5 months ago

      I agree! I got the question right but it may be just by luck! My eyes went right to the SIEM first!

  • @Tradmos 5 months ago

    Question 1. If the attackers are already exploiting the vulnerability, I think the organization would enter the incident response phase and no longer be in the Defense phase.

    • @InfoSecGuardians 5 months ago

      While incident response and management (Option B) are critical components of a comprehensive security program, the primary focus of a secure email gateway in this scenario is on implementing a defense-in-depth strategy (Option C) to mitigate the risk of phishing attacks.
      A secure email gateway adds a layer of security to the organization's email system by inspecting incoming and outgoing emails for malicious content, filtering out phishing emails, and blocking suspicious attachments. This approach aligns with the defense-in-depth concept, which involves implementing multiple layers of security controls to protect against various types of threats.
      While incident response and management are essential for responding to security incidents, including phishing attacks, the implementation of a secure email gateway is a proactive measure to prevent such attacks from being successful in the first place, making defense in depth the more appropriate concept to address in this context.

  • @karthikeyanv3400 5 months ago

    I like this channel, but it could be nice to reply to the comments posted by the viewers.