Which of the following are effective countermeasures against passive network-layer attacks?
Correct Answer: C
Encryption ensures that data is transformed into a code that can only be accessed by authorized parties. Security-enabled applications ensure that only authorized users can access specific network resources, protecting against passive network-layer attacks like eavesdropping or sniffing.
CISSP Exam Question 717
During an audit of system management, auditors find that the system administrator has not been trained. What actions need to be taken at once to ensure the integrity of systems?
Correct Answer: D
During an audit of system management, if auditors find that the system administrator has not been trained, the immediate action that needs to be taken to ensure the integrity of systems is a review of all systems by an experienced administrator. This is to verify that the systems are configured, maintained, and secured properly, and that there are no errors, vulnerabilities, or breaches that could compromise the system's availability, confidentiality, or integrity. A review of hiring policies, departmental procedures, or training procedures are not urgent actions, as they are more related to the long-term improvement of the system management process, rather than the current state of the systems.
CISSP Exam Question 718
What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?
Correct Answer: A
The effectiveness of a BC/DR training program largely depends on management support because it ensures adequate resources, prioritization, and enforcement of policies are in place to make the training effective across the organization.
CISSP Exam Question 719
Which of the following is the BEST mitigation from phishing attacks?
Correct Answer: B
Security awareness training is the process of educating users on the potential threats and risks they may face online, and the best practices and behaviors they should adopt to protect themselves and the organization. Security awareness training is the best mitigation from phishing attacks, as it can help users recognize and avoid malicious emails, links, or attachments that may compromise their credentials, data, or devices. Network activity monitoring, corporate policy and procedures, and strong file and directory permissions are also important security measures, but they are not as effective as security awareness training in preventing phishing attacks, as they rely on technical controls rather than human factors.
CISSP Exam Question 720
Which security action should be taken FIRST when computer personnel are terminated from their jobs?
Correct Answer: A
The first security action that should be taken when computer personnel are terminated from their jobs is to remove their computer access. Computer access is the ability to log in, use, or modify the computer systems, networks, or data of the organization. Removing computer access can prevent the terminated personnel from accessing or harming the organization's information assets, or from stealing or leaking sensitive or confidential data. Removing computer access can also reduce the risk of insider threats, such as sabotage, fraud, or espionage. Requiring them to turn in their badge, conducting an exit interview, and reducing their physical access level to the facility are also important security actions that should be taken when computer personnel are terminated from their jobs, but they are not as urgent or critical as removing their computer access.