Which one of the following documentation should be included in a Disaster Recovery (DR) package?
Correct Answer: C
A Disaster Recovery (DR) package is a set of documents, tools, and resources that are needed to restore the normal operations of a system or network after a disaster. A DR package should include the following documentation: hardware configuration instructions, hardware configuration software, an operating system image, a data restoration option, media retrieval instructions, backup and recovery procedures, contact lists, and emergency response plans. These documents can help to rebuild the system or network from scratch, restore the data from backups, and resume the business functions as quickly as possible. Source code, compiled code, firmware updates, operational log book and manuals are not essential for a DR package, as they are more related to development, maintenance, or operation of the system or network. Data encrypted in original format, auditable transaction data, and recovery instructions for future extraction on demand are not part of a DR package, as they are more related to data security, audit, or compliance. System configuration including hardware, software, hardware, interfaces, software Application Programming Interface (API) configuration, data structure, ... are not sufficient for a DR package, as they do not include the instructions, software, or procedures to restore the system or network.
CISSP Exam Question 47
Which software defined networking (SDN) architectural component is responsible for translating network requirements?
Correct Answer: C
Software defined networking (SDN) is a network architecture that decouples the control plane from the data plane, allowing for more flexibility and programmability of network functions. The SDN controller is the architectural component that acts as the brain of the SDN network, communicating with both the SDN applications and the SDN data paths. The SDN controller is responsible for translating the network requirements from the SDN applications, such as security policies, routing rules, or load balancing, into instructions for the SDN data paths, such as switches, routers, or firewalls, to implement them. The SDN controller also monitors the network state and provides feedback to the SDN applications.
CISSP Exam Question 48
Which of the following types of firewall only examines the "handshaking" between packets before forwarding traffic?
Correct Answer: C
Circuit-level firewalls are a type of firewall that only examines the "handshaking" between packets before forwarding traffic. Circuit-level firewalls operate at the transport layer of the OSI model, and they establish a virtual circuit or session between the source and the destination hosts. Circuit-level firewalls do not inspect the content or the header of the packets, but they only verify that the packets belong to a valid and established session. Circuit-level firewalls are faster and less resource- intensive than other types of firewalls, but they provide less security and visibility.
CISSP Exam Question 49
What is considered a compensating control for not having electrical surge protectors installed?
Correct Answer: B
A compensating control is a measure that is taken to reduce the risk of an existing or potential control weakness. Electrical surge protectors are devices that protect electrical equipment from voltage spikes caused by lightning, power outages, or other disturbances. If surge protectors are not installed, the risk of damage to network equipment and data loss is increased. A backup diesel generator is a compensating control that can provide uninterrupted power supply to the network equipment in case of a power failure, thus reducing the impact of electrical surges.
CISSP Exam Question 50
The application of which of the following standards would BEST reduce the potential for data breaches?
Correct Answer: D
The standard that would best reduce the potential for data breaches is ISO 27001. ISO 27001 is an international standard that specifies the requirements and the guidelines for establishing, implementing, maintaining, and improving an information security management system (ISMS) within an organization. An ISMS is a systematic approach to managing the information security of the organization, by applying the principles of plan-do-check-act (PDCA) cycle, and by following the best practices of risk assessment, risk treatment, security controls, monitoring, review, and improvement. ISO 27001 can help reduce the potential for data breaches, as it can provide a framework and a methodology for the organization to identify, protect, detect, respond, and recover from the information security incidents or events that could compromise the confidentiality, integrity, or availability of the data or the information.