You received unsolicited messages from social media that tout a proxy exam taker to cheat in the CISSP exam. As a CISSP, which of the following is the best action to respond to these spam messages? (Wentz QOTD)
A. Investigate the source through open intelligence and hack back to stop this behavior.
B. Report to the social media administrators for violating the platform rules.
C. Share the message with CISSP candidates
D. Submit a complaint that specifies the violated canon of the Code of Ethics to (ISC)².
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is B. Report to the social media administrators for violating the platform rules.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
(ISC)² Code Of Ethics applies to (ISC)² members only. The identity of spammers who sent unsolicited messages that tout a proxy exam taker to cheat in the CISSP exam is unknown or anonymous. In other words, they are not necessarily (ISC)² members. You, as a CISSP, can submit a complaint that specifies the violated canon of the Code of Ethics to (ISC)² only if you are sure that the spammer is an (ISC)² member.
All information security professionals who are certified by (ISC)² recognize that such certification is a privilege that must be both earned and maintained. In support of this principle, all (ISC)² members are required to commit to fully support this Code of Ethics (the “Code”). (ISC)² members who intentionally or knowingly violate any provision of the Code will be subject to action by a peer review panel, which may result in the revocation of certification. (ISC)² members are obligated to follow the ethics complaint procedure upon observing any action by an (ISC)² member that breach the Code. Failure to do so may be considered a breach of the Code pursuant to Canon IV.
Source: (ISC)²
Reference
- (ISC)² Code Of Ethics
- Hack-Back: Toward A Legal Framework For Cyber Self-Defense
- Hack Back Pros and Cons: What You Need to Know Before Striking Back
您收到了來自社交媒體的未經請求的消息,其中吹捧代理應試者在 CISSP 考試中作弊。 作為 CISSP,以下哪一項是回應這些廣告訊息的最佳行動?(Wentz QOTD)
A. 通過公開情報調查(OSINT)源頭並回擊以阻止這種行為。
B. 向社交媒體管理員舉報違反平台規則的行為。
C. 與 CISSP 考生分享信息
D. 向(ISC)²投訴,並指出所違反的道德守則條文。