CISSP PRACTICE QUESTIONS – 20210613

Effective CISSP Questions

Your company has implemented an on-premises master DNS server in the DMZ protected by a firewall. You are deploying a slave DNS to the cloud for availability concerns. Which of the following is the most feasible firewall policy to allow zone transfer? (Wentz QOTD)
A. Allow UDP port = 53 and RR = AXFR
B. Allow TCP port = 53 and RR = AXFR
C. Allow UDP port = 53 and Source IP = the slave DNS
D. Allow TCP port = 53 and Source IP = the slave DNS


CISSP PRACTICE QUESTIONS – 20210612

Effective CISSP Questions

A firewall with an external interface configured as 10.10.10.10/24 and a sole internal interface, 192.168.0.254/25, receives egress traffic having a source address 192.168.0.7. Which one of the following actions will the firewall most likely take? (Wentz QOTD)
A. Drop the traffic
B. Forward the traffic as is
C. Forward the traffic after replacing 192.168.0.7 with 10.10.10.10
D. Send an ICMP echo request to 192.168.0.7 to validate the traffic

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is __.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.


A firewall's external interface is configured with the IP address 10.10.10.10/24, and its sole internal interface has the IP address 192.168.0.254/25. The firewall receives egress traffic with a source address of 192.168.0.7. Which of the following actions is the firewall most likely to take? (Wentz QOTD)
A. Drop the traffic
B. Forward the traffic as is
C. Forward the traffic after replacing 192.168.0.7 with 10.10.10.10
D. Send an ICMP echo request to 192.168.0.7 to validate the traffic

CISSP PRACTICE QUESTIONS – 20210609

Effective CISSP Questions

Engineering is an approach that involves a set of processes to develop a solution, which can be a system, software, or any deliverable, transformed from stakeholders’ requirements, and to support the solution throughout its life. Which of the following is the most generally accepted correct statement? (Wentz QOTD)
A. ISO/IEC 15288 prescribes six stages in the system life cycle (SLC).
B. The software development life cycle differs from that of a system.
C. Verification and validation processes are not applied other than the testing stage.
D. A development life cycle addresses the construction of a system instead of acquisition.


CISSP PRACTICE QUESTIONS – 20210608

Effective CISSP Questions

After receiving the bill, Adam insists that a hacker logged into an online jewelry store with his credentials and bought a ring using his credit card without his consent. He denied the transaction and refused to pay. Which of the following is the best strategy for the online store to prevent this situation from recurring? (Wentz QOTD)
A. Implement the Digital Signature Algorithm (DSA)
B. Encrypt the hash of the transaction using Adam’s private key
C. Establish a trustworthy enterprise-wide trusted root certification authority
D. Protect Adam’s credentials using hash-based message authentication code (HMAC)


CISSP PRACTICE QUESTIONS – 20210607

Effective CISSP Questions

Your company manufactures sports shoes for a big worldwide label and initiates a business continuity program to support the continuous delivery of products and services. Which of the following should be done first? (Wentz QOTD)
A. Identify critical activities and their maximum tolerable downtime
B. Identify, analyze, and evaluate risk relevant to business continuity
C. Determine the list of products and services to be protected from disruption
D. Define RTO and RPO for critical IT services subject to business requirements
