CISSP PRACTICE QUESTIONS – 20200324

Effective CISSP Questions

Your company, based in Taiwan and accredited with ISO 27001, sells toys online and ships globally. After conducting penetration testing, as part of the risk assessment, your company finished implementing honeypots solutions as security controls to deter and detect intruders. As a security professional, which of the following upcoming activities will you suggest your company do first?
A. Conduct risk assessment
B. Research applicable laws and regulations
C. Implement consent banners and harden the honeypots to avoid entrapment
D. Create policies that define and clarify the goal of the honeypot system


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. Conduct risk assessment.

Risk management is cyclical and iterative. Risk assessment is not one time job; it should be conducted periodically or after risk treatment or significant incident.

A security solution typically comprises various types of controls, e.g., administrative, technical, or physical. Implementing honeypot solutions doesn’t mean installing honeypot systems only; it should involve surveys, policies, or technical work. The original security solutions may involve the following:

  • Researching applicable laws and regulations
  • Creating policies that define and clarify the goal of the honeypot system
  • Implementing consent banners and hardening the honeypots to avoid entrapment

Even if the security solutions miss anything, another run of the risk assessment will address this issue.

Reference

 

 

 

One thought on “CISSP PRACTICE QUESTIONS – 20200324

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.