Notice of Wentz QOTD

The Assistant General Counsel, Alex H. Rosenfeld, Esq., replied to me on May 7, 2021, stating, “I have confirmed with our team that your questions are original, and you may disregard the notice that was sent.” I’m grateful for the efficient response and confirmation from (ISC)² and will continue to develop Wentz QOTD.

Please refer to Wentz QOTD Notice of Originality for more.


CISSP PRACTICE QUESTIONS – 20210428

Effective CISSP Questions

You are a developer on the Agile team that develops the customer relationship management system for your company. Which of the following are you least likely to do? (Wentz QOTD)
A. Configure the database connection setting
B. Write unit tests before the production code is done
C. Interact with customers directly for software requirements
D. Respond to a customer’s bug report directly to restore service level in time


CISSP PRACTICE QUESTIONS – 20210427

Effective CISSP Questions

As an ID provider, Taiwan Airline is federated with a car rental chain and a five-star hotel chain. Customers can log into the airline website, which supports single sign-on (SSO), and reserve hotels or rent a car. Which of the following is least likely to happen? (Wentz QOTD)
A. Assertions or claims about a customer may be described in the JSON format.
B. A customer typically has a user account on each airline, car rental, and hotel domain.
C. If the airline system goes down, customers cannot log into other federated systems.
D. Car rental and hotel systems may send a query to the airline for customer data.


Internet Key Exchange (IKE) and Security Association (SA)

I came across this post about IKE and ISAKMP on Luke’s group and found it deserves further study. My suggested answers would be A (IKE) for the first question and D (ISAKMP) for the second because IKE is the implementation of ISAKMP. RFC 7296 “describes version 2 of the Internet Key Exchange (IKE) protocol. IKE is a component of IPsec used for performing mutual authentication and establishing and maintaining Security Associations (SAs).”


CISSP PRACTICE QUESTIONS – 20210426

Effective CISSP Questions

Your company is publicly traded. A ransomware attack has materialized and is threatening to publish confidential customer data unless a ransom is paid. The board of directors is concerned that the ransomware attack will compromise shareholders’ confidence and stock price. Which of the following is the best plan that addresses the concern? (Wentz QOTD)
A. Disaster recovery plan
B. Business continuity plan
C. Crisis communication plan
D. Information system contingency plan


CISSP PRACTICE QUESTIONS – 20210425

Effective CISSP Questions

Your organization suffers from a ransomware attack, threatening to publish confidential customer data unless a ransom is paid. The incident has been escalated to a problem. Which of the following is least likely to happen next? (Wentz QOTD)
A. Restore files
B. Perform forensics investigation
C. Validate if the incident is genuine
D. Conduct security awareness training
