Which of the following attacks, if successful, could give an intruder complete control of a software-defined networking (SDN) architecture? A. A brute force password attack on the Secure Shell (SSH) port of the controller B. Sending control messages to open a flow that does not pass a firewall from a compromised host within the network C. Remote Authentication Dial-In User Service (RADIUS) token replay attack D. Sniffing the traffic of a compromised host inside the network

The security architect is designing and implementing an internal certification authority (CA) to generate digital certificates for all employees. Which of the following is the BEST solution to securely store the private keys? A. Physically secured storage device B. Trusted Platform Module (TPM) C. Encrypted flash drive D. Public key infrastructure (PKI)

Hello everybody! past Friday I have passed the CISSP exam! Incredible! I wanna thank you this group especially for giving me every day some "reminder" that I had to study That has improved my perseverance in reaching this goal. Let me tell you, if you really want, you will pass this exam! It is very challenging but it is doable. For me it was a marathon, not a sprint. I started 1 year ago following a 6 days bootcamp that was based on the All in One book; that was very useful for me to have a general idea on all the domains and for the first time to finish all the domains; I had tried on the past by reading the OSG book, but no way to complete it, too boring. Meanwhile the exam was going to change, so I decided to wait couple of months. Around august, I went on Udemy and bought the Thor Pederson videos, which is based on the OSG book . Videos are nice, cause you can watch on free time, regulate the speed, review, etc.. But I tend to think that you will have a passive approach with that. I begon also to look on the web, reading about other people stories (Reddit, discord, this group) ; that is also very valuable, cause I started to have an idea about how the exam was made; how is working the CAT, where to look for more videos and to find my strategy. I decided lastly to focus on fixing some concepts that I had difficulty to memorize using the learzapp, like all those US laws and regulations, terrible :-) Last 2 months I did about 2000 questions and 4 tests; doing some practice almost every day. I watched also the 50 questions think like a manager video, that I advise to watch, to understand the mental switch you have to do if you are too technical, so focus on the "why" instead of the "how". Last 2 weeks I bought the Gwen Bettwey questions on Udemy; that was important because the exam style goes more in that direction than the learnZapp, in term of style and complexity. Finally, the day of the exam, I tried to create the better possible conditions for me; I went on a Friday morning (I am fresher in the morning ); I arrived 1 hour in advance to the test center, so I had the time to have a coffee, etc..I could start half hour earlier than planned.

Which of the following is a provisioning methodology that elevates users to the necessary privileged access to perform a specific task? A. Identity management B. Just-in-time (JIT) access C. Proofing of identity D. Self-service

The IT manager at your org hired an administrator with Linux experience to manage them and train other administrators on Linux. How should the company assign privileges for the new administrator? A- Add the administrator to the Administrators group. B- Add the administrator to the sudo group. C- Give the administrator the sudo password. D- Define a new role for Linux administrators.