CISSP PRACTICE QUESTIONS – 20210420

Effective CISSP Questions

Your company hired a security analyst who got on board today. Which of the following should be conducted first per the identity proofing procedure? (Wentz QOTD)
A. Enroll the biometric template in a model database and provision services
B. Uniquely distinguish the individual among a given population or context
C. Establish the linkage between claimed identity and real-life existence of subject
D. Determine the authenticity, validity, and accuracy of identity information and relate it to a real-life subject

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. Uniquely distinguish the individual among a given population or context.

NIST SP 800-63A provides good guidance to the identity proofing procedure.

The Identity Proofing User Journey (Source: NIST SP 800-63A)

Reference

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

您的公司聘請了一位安全分析師,他今天剛到職。 按照身份驗證(identity proofing)程序,首先執行以下哪項操作?(Wentz QOTD)
A. 將生物識別模板註冊到模型數據庫中並提供服務
B. 在給定的人群或背景中唯一地識別出個人
C. 在聲稱的身份和主體的現實生活之間建立聯繫
D. 確定身份信息的真實性、有效性和準確性,並將其與現實生活中的主題聯繫起來

Leave a Reply