Your company has implemented an on-premises master DNS server in the DMZ protected by a firewall. You are deploying a slave DNS to the cloud for availability concerns. Which of the following is the most feasible firewall policy to allow zone transfer? (Wentz QOTD) A. Allow UDP port = 53 and RR = AXFR B. Allow TCP port = 53 and RR = AXFR C. Allow UDP port = 53 and Source IP = the slave DNS D. Allow TCP port = 53 and Source IP = the slave DNS
Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability (Tier 3), or CIA for short, support the business (Tier 2), and create and deliver value (Tier 1).
A firewall with an external interface configured as 10.10.10.10/24 and a sole internal interface, 192.168.0.254/25, receives egress traffic having a source address 192.168.0.7. Which one of the following actions will the firewall most likely take? (Wentz QOTD) A. Drop the traffic B. Forward the traffic as is C. Forward the traffic after replacing 192.168.0.7 with 10.10.10.10 D. Send an ICMP echo request to 192.168.0.7 to validate the traffic
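The two firewall questions above turn on what a layer-3/4 packet filter can actually match on. The following is an added example, not part of the original page: a small model of such a filter in Python. It assumes the interface addressing from the second question (so the internal subnet is 192.168.0.128/25), and invents a cloud slave address (203.0.113.5) and a DMZ master address (192.168.0.130) for the zone-transfer question, since the page gives neither. It shows that the filter sees protocol, port and source address but never the DNS RR type, that AXFR arrives as TCP/53 and is limited to the slave by its source address, and that an egress packet whose source lies outside the internal interface's subnet fails a reverse-path (anti-spoofing) check.

```python
import ipaddress
from dataclasses import dataclass

# Constructed interface table (illustration only, not from the page):
# the addressing matches the firewall question, so the internal subnet is 192.168.0.128/25.
INTERFACES = {
    "external": ipaddress.ip_interface("10.10.10.10/24"),
    "internal": ipaddress.ip_interface("192.168.0.254/25"),
}

# Assumed addresses for the zone-transfer question (not given on the page).
SLAVE_DNS = "203.0.113.5"     # cloud slave, documentation range TEST-NET-3
MASTER_DNS = "192.168.0.130"  # DMZ master, inside the internal subnet

# Layer-3/4 policy: a packet filter matches on protocol, port and source address.
# It never sees the DNS RR type, so "RR = AXFR" cannot be a firewall match criterion;
# restricting the source to the slave's address is what limits who may pull the zone.
RULES = [
    ("zone-transfer", "tcp", 53, ipaddress.ip_network(f"{SLAVE_DNS}/32")),
    ("dns-query", "udp", 53, ipaddress.ip_network("0.0.0.0/0")),
]


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str      # "tcp" or "udp"
    dport: int
    in_iface: str   # interface the packet arrived on


def connected_interface(addr):
    """Name of the interface whose directly connected subnet contains addr, else None."""
    ip = ipaddress.ip_address(addr)
    for name, iface in INTERFACES.items():
        if ip in iface.network:
            return name
    return None


def is_spoofed(pkt):
    """Simplified reverse-path check.
    - Arriving on an internal interface: the source must belong to that interface's subnet.
    - Arriving on the external interface: the source must not claim an internal subnet."""
    owner = connected_interface(pkt.src)
    if pkt.in_iface == "external":
        return owner is not None and owner != "external"
    return owner != pkt.in_iface


def match_rule(pkt):
    """Return the name of the first rule matching the packet's protocol, port and source."""
    src = ipaddress.ip_address(pkt.src)
    for name, proto, dport, allowed_src in RULES:
        if pkt.proto == proto and pkt.dport == dport and src in allowed_src:
            return name
    return None


def filter_packet(pkt):
    """Decide what the firewall does with a packet; returns a short action string."""
    if is_spoofed(pkt):
        return "drop:spoofed-source"
    if pkt.in_iface == "external":
        rule = match_rule(pkt)
        return f"allow:{rule}" if rule else "drop:no-matching-rule"
    # Traffic leaving the inside that passed the anti-spoofing check is forwarded
    # with source NAT to the external address.
    return f"forward:snat-to-{INTERFACES['external'].ip}"


if __name__ == "__main__":
    # AXFR from the slave: TCP/53 from the slave's address, permitted.
    print(filter_packet(Packet(SLAVE_DNS, MASTER_DNS, "tcp", 53, "external")))
    # TCP/53 from anywhere else: dropped, so only the slave can pull the zone.
    print(filter_packet(Packet("198.51.100.9", MASTER_DNS, "tcp", 53, "external")))
    # Egress with source 192.168.0.7, outside 192.168.0.128/25: dropped as spoofed.
    print(filter_packet(Packet("192.168.0.7", "198.51.100.1", "tcp", 443, "internal")))
    # Egress from a legitimate inside host: forwarded with SNAT.
    print(filter_packet(Packet("192.168.0.200", "198.51.100.1", "tcp", 443, "internal")))
```

Note that the UDP/53 rule would also admit a UDP packet from the slave, but a zone transfer cannot ride on it: AXFR is carried over TCP, and a 512-byte UDP answer cannot hold a whole zone, which is why the TCP/53 rule scoped to the slave's source address is the policy that actually enables the transfer.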
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is __.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.
A firewall's external interface is configured as 10.10.10.10/24, and its sole internal interface is 192.168.0.254/25. The firewall receives egress traffic whose source address is 192.168.0.7. Which of the following actions is the firewall most likely to take? (Wentz QOTD) A. Drop the traffic B. Forward the traffic as is C. Forward the traffic after replacing 192.168.0.7 with 10.10.10.10 D. Send an ICMP echo request to 192.168.0.7 to validate the traffic
As a CISO for a public company, you are developing an information security strategy. Which of the following renders the primary constituent elements of your strategy? (Wentz QOTD) A. Acceptable use policy B. Security control baselines C. Business continuity program D. Portfolios of security initiatives
A secure software development methodology or approach is typically selected in the early stage of a software engineering project. Which of the following Agile approaches most relies on empiricism or observations of reality to monitor progress and manage risk? (Wentz QOTD) A. Scrum B. DevOps C. Spiral model D. Extreme Programming (XP)
Engineering is an approach that involves a set of processes to develop a solution, which can be a system, software, or any deliverable, transformed from stakeholders' requirements, and to support the solution throughout its life. Which of the following is the most generally accepted correct statement? (Wentz QOTD) A. ISO/IEC 15288 prescribes six stages in the system life cycle (SLC). B. The software development life cycle differs from the one of a system. C. Verification and validation processes are not applied other than the testing stage. D. A development life cycle addresses the construction of a system instead of acquisition.
After receiving the bill, Adam insists that a hacker logged into an online jewelry store with his credentials and bought a ring using his credit card without his consent. He denied the transaction and refused to pay. Which of the following is the best strategy for the online store to prevent this situation from recurring? (Wentz QOTD) A. Implement the Digital Signature Algorithm (DSA) B. Encrypt the hash of the transaction using Adam's private key C. Establish a trustworthy enterprise-wide trusted root certification authority D. Protect Adam's credentials using hash-based message authentication code (HMAC)
Your company manufactures sports shoes for a worldwide big label and initiates a business continuity program to support the continuous delivery of products and services. Which of the following should be done first? (Wentz QOTD) A. Identify critical activities and their maximum tolerable downtime B. Identify, analyze, and evaluate risk relevant to business continuity C. Determine the list of products and services to be protected from disruption D. Define RTO and RPO for critical IT services subject to business requirements