Which of the following is the BEST method to assess the effectiveness of an organization's vulnerability management program?
Correct Answer: B
A third-party vulnerability assessment provides an unbiased evaluation of the organization's security posture, identifying existing vulnerabilities and offering recommendations for mitigation. It is more comprehensive and objective compared to internal reviews or automated scans. References: CISSP Official (ISC)2 Practice Tests, Chapter 5, page 137
CISSP Exam Question 487
The main risks that physical security components combat are all of the following EXCEPT:
Correct Answer: A
SYN flood is not a physical security issue. The main risks that physical security components combat are theft, interruptions to services, physical intrusion and damage, compromised system integrity, and unauthorized disclosure of information. From: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, page 291.
CISSP Exam Question 488
Which of the following is NOT a key recovery method?
Correct Answer: B
Encrypting parts of the session key with the private keys of the trustee agents provides no security for the message since the message can be decrypted by recovering the key components of the session key using the public keys of the respective agents. These public keys are available to anyone. The other answers are valid means of recovering keys, since key recovery refers to permitting access to encrypted messages under predefined circumstances. Two of these answers are also called key encapsulation since the session key is encapsulated in the public keys of the trustee agents and, therefore, can be decrypted only by these trustee agents with their private keys.
CISSP Exam Question 489
Which of the following BEST describes why software assurance is critical in helping prevent an increase in business and mission risk for an organization?
Correct Answer: A
Software assurance is critical in helping prevent an increase in business and mission risk for an organization because it helps ensure that the software used by the organization is free of vulnerabilities that could be exploited by attackers. When software is not properly tested and secured, it may contain security vulnerabilities that can be exploited by attackers to gain unauthorized access to the organization's systems and data, or to disrupt or degrade the organization's operations. By implementing software assurance practices, organizations can help ensure that the software they use is free of known vulnerabilities and is less likely to be exploited by attackers, reducing the risk of business and mission impact due to a security incident.
CISSP Exam Question 490
When a possible intrusion into your organization's information system has been detected, which of the following actions should be performed first?
Correct Answer: C
Explanation: If the event is determined to be a real incident, it is identified and classified. Once we understand the severity of the incident taking place, we move on to the next stage, which is investigation. Investigation involves the proper collection of relevant data, which will be used in the analysis and following stages. The goals of these stages are to reduce the impact of the incident, identify the cause of the incident, resume operations as soon as possible, and apply what was learned to prevent the incident from recurring. Incorrect Answers: A: Before we can eliminate intruder access we would have to determine the extent of the intrusion. B: Before containing the intrusion we need to determine the extent of the intrusion. D: Before we can communicate with the relevant parties we need to determine the extent of the intrusion. References: Harris, Shon, All-In-One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 1038