
Memberships

CISSP Study Group

Public • 895 • Free

17 contributions to CISSP Study Group
Practice Question!
Susan uses a SPAN port to monitor traffic to her production website and uses a monitoring tool to identify performance issues in real time. What type of monitoring is she conducting?
Poll
45 members have voted
2
11
New comment 20h ago
1 like • 20h
A is the correct answer. Susan is conducting passive monitoring by using a SPAN (Switched Port Analyzer) port to observe and analyze traffic to her production website. Passive monitoring involves capturing network traffic without altering it, which allows her to analyze real-time data on performance, latency, errors, and user activity without impacting live traffic flow. This approach provides insights into actual user interactions with her website.
Quantitative Risk assessment
Your network contains routers, which typically fail once every five years. The total cost of a router is $200. A technician, who is paid $40 per hour, needs 2 hours to replace one failed router. 10 employees, who earn an average of $20 per hour, will be unproductive until the router is replaced. Which of the following is the ARO? (Select the best answer.)
Poll
28 members have voted
3
15
New comment 14h ago
2 likes • 10d
For instance, if a specific risk event is estimated to happen once a year, the ARO would be 1/1/100 = 1; if a specific risk event is estimated to happen once every 10 years, the ARO would be 1/10/100 = 0.1.
1 like • 20h
@Abde Ouhab thanks for your comment, but if you look again you will notice I wrote "For instance" for another scenario :)
Practice Question!
Susan wants to integrate her website to allow users to use accounts from sites like Google. What technology should she adopt?
Poll
43 members have voted
1
1
New comment 20h ago
1 like • 20h
C is the correct answer. OpenID Connect builds on OAuth 2.0 to handle authentication, allowing users to use their existing accounts (like Google) to log in to Susan's website. Remember: OpenID Connect is an authentication protocol; OAuth 2.0 is an authorization protocol.
Practice Question!
Andrew believes that a digital certificate belonging to his organization was compromised and would like to add it to a certificate revocation list (CRL). Who must add the certificate to the CRL?
Poll
26 members have voted
1
1
New comment 20h ago
1 like • 20h
C is the correct answer: the Certificate Authority (CA) that issued the certificate must take action. Andrew should contact the issuing CA to report the suspected compromise. Once verified, the CA can then update the CRL to include the revoked certificate, making it publicly known as invalid. This prevents others from trusting the compromised certificate for secure communications.
Domain 1: Silicon Root of Trust
You are the Cybersecurity Professional for your organization and the CEO would like to know how the Silicon Root of Trust prevents malicious code from tampering with a server. What do you tell the CEO?
Poll
20 members have voted
3
5
New comment 4d ago
1 like • 5d
"C" is the correct answer: causes the server to reboot, protecting the operating system. The silicon root of trust (SRoT) works by validating the integrity of firmware and system-level processes from the hardware level. If it detects a tampering attempt or malicious code, it can initiate a reboot to return the server to a known good state and prevent unauthorized changes to critical systems. This response also aligns with how the silicon root of trust is designed to safeguard the boot process and secure the OS from low-level threats.
1-10 of 17
@fouad-ahmed-2832
Cyber Security professional, willing to learn about the latest in the cybersecurity world and knowledge sharing

Active 20h ago
Joined Oct 25, 2024