CISSP PRACTICE QUESTIONS – 20210604

Effective CISSP Questions

To respond to the pandemic of COVID-19, your company decides to implement a centralized virtual desktop infrastructure (VDI) at the headquarters. All branch offices and subsidiaries shall be connected to the data center hosting the VDI. Which of the following is the most cost-effective networking solution with minimum network management workload? (Wentz QOTD)
A. Leased lines
B. Site-to-site SSL VPN
C. L2TP with IPsec in Tunnel mode
D. Multi-protocol label switching (MPLS)

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Multi-protocol label switching (MPLS).

This question, without sufficient information, is designed to demonstrate the evaluation process, so there is no right or wrong answer. I suggest the answer key based on my evaluation criteria. It’s subjective, and the result can be biased. Please focus on how much network administration and security configuration work is required in each alternative, the cost down of MPLS, the impact of new technology (e.g., SD-WAN), the total cost of ownership, and the return on investment.

Quality Criteria
Quality Criteria

There are various definitions of cost-effective; however, it can be generally concluded as the return is equal to or greater than the investment.

Return on Investment (ROI)

A cost-effective solution is effective and efficient and brings a higher return on investment (ROI). A solution with the lowest costs is not necessarily cost-effective. An ineffective solution, with whatever costs, brings no value and should be rejected. On the other hand, an effective but inefficient solution generates a lower ROI.

Evaluation Criteria: Functionality and Quality

A cost-effective solution solves the problem and brings quality. If a solution is workable or functional, then it’s effective. I then move onto evaluating its quality using the U PASS ME model. All four networking options or alternatives can solve the problem. They are effective but bring different levels of efficiency or quality.

The “U PASS ME” Model
The “U PASS ME” Model

Reference

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

為了應對COVID-19的大流行,您的公司決定在總公司建置集中式的虛擬桌面基礎架構 (VDI)。所有分支機構和子公司都應連接到託管VDI的數據中心。以下哪項是網絡管理工作負擔最小且最具成本效益的網絡解決方案?(Wentz QOTD)
A. Leased lines
B. Site-to-site SSL VPN
C. L2TP with IPsec in Tunnel mode
D. Multi-protocol label switching (MPLS)

Leave a Reply