Activity
Mon
Wed
Fri
Sun
Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
What is this?
Less
More

Memberships

CISSP Study Group

Public β€’ 978 β€’ Free

71 contributions to CISSP Study Group
Practice Question (Supply chain)
Your organization is planning to purchase hardware components from an external supplier for its critical infrastructure. What is the MOST crucial consideration to mitigate supply chain risks associated with these hardware components?
Poll
9 members have voted
1
1
New comment Aug 13
Practice question (Security Operations)
A cybersecurity leader is considering adopting a third-party managed service to handle sensitive HR data. What is the LEAST important factor to consider when conducting a security assessment of the third-party service?
Poll
8 members have voted
1
1
New comment Aug 13
Practice question (DRP)
After conducting a Disaster Recovery (DR) exercise, the cybersecurity leader is tasked with gathering lessons learned for future improvements. What is the MOST critical aspect to consider during this evaluation?
Poll
10 members have voted
2
2
New comment Aug 13
Practice Question (Security Operations)
The organization was informed by their Security Operations Center that their cloud workload protection and endpoint security vendor has released an update that caused critical outages for the majority of the vendor's clients. As a member of the IT Team, which of the following should most likely happen NEXT?
Poll
15 members have voted
3
10
New comment Aug 13
0 likes β€’ Aug 11
D. Perform Vulnerability Scan. You have been alerted to a potential vulnerability that may affect your organization. A vulnerability scan can be used to help identify any systems or devices on your network that would be affected by this issue and would need to be addressed. A is incorrect. While management should be informed of the situation, you first would typically verify whether or not this vulnerability affects your organization. B is incorrect. You should first identify if this event actually affects your organization, and to what severity, before executing your disaster recovery and/or business continuity plans. C is incorrect. You would first need to determine which systems were affected before you would begin mitigating the issue and therefore you most likely would not do this first.
2 likes β€’ Aug 12
I know right! BTW I only post questions that I also got wrong. Some people here manage to answer right.
Practice question (Auditting and Logging)
A cybersecurity leader is tasked with assessing the effectiveness of auditing and logging mechanisms in a critical financial application. The organization aims to enhance visibility into changes made to sensitive financial data. What is the MOST crucial consideration when evaluating the effectiveness of auditing and logging?
Poll
8 members have voted
2
4
New comment Aug 11
1 like β€’ Aug 11
Overall explanation Correct Answer: B) Integration with Security Information and Event Management (SIEM) Justification: Integration with SIEM enhances the overall effectiveness of auditing and logging mechanisms by providing centralized monitoring and correlation of security events. Explanation: A. Retention Period for Audit Logs is important but does not directly address integration with SIEM. C. Volume of Log Data Generated is a consideration but should be balanced with effective analysis tools. D. Real-time Alerting for Critical Events is valuable but complements integration with SIEM rather than replacing it.
1-10 of 71
Nexar Donadio
4
40points to level up
@nexar-donadio-6308
Cybersecurity Manager

Active 24d ago
Joined May 12, 2024
powered by