InfoTechSite

A network administrator is configuring a new web server. To reduce the attack surface, the administrator removes all unnecessary services and software components from the system. What secure design principle is being applied?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 month ago | [YT] | 1

InfoTechSite

An organization is implementing a new payroll system and is concerned about the risk of fraud. To mitigate this risk, the system is designed to require a different manager to initiate and approve all financial transactions. Which secure design principle is being applied?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 month ago | [YT] | 2

InfoTechSite

A software development team is tasked with creating a new application. The team decides that security features, such as threat modeling and secure defaults, should be part of the initial design phase rather than added later. Which secure engineering process is being applied?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 month ago | [YT] | 1

InfoTechSite

A security professional is designing a new system that handles sensitive financial transactions. To prevent a single individual from fraudulently completing a transaction, the professional ensures that the system requires two different administrators to approve separate, critical steps of the process. Which secure design principle is being applied?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 month ago | [YT] | 1

InfoTechSite

An architect is designing a new cloud application and, to minimize the impact of a security compromise, decides to implement multiple layers of security controls, including a web application firewall, an intrusion detection system, and network micro-segmentation. Which secure design principle is being applied?
#cissp #cisspexam #cisspprep #cybersecurity #cybersecuritycertification

1 month ago | [YT] | 0

InfoTechSite

#CISSP #cisspexam #cissptraining #cybersecuritycertification #CyberSecurityTraining #cybersecurity

1 month ago | [YT] | 1

InfoTechSite

A software development team is starting a new project. To ensure the final product is resilient against a range of attacks, the team decides to hold a structured session to identify potential threats, model the system, and determine countermeasures. What process is the team performing?
#cissp #cisspexam #cisspprep #cybersecurity #cybersecuritycertification

1 month ago | [YT] | 0

InfoTechSite

An IT manager is conducting an internal audit and discovers that several employees in the finance department have not signed the new Acceptable Use Policy (AUP). The manager wants to explain the legal implications of this oversight to a senior executive. Which of the following is the most pertinent legal concept to reference?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 month ago | [YT] | 1

InfoTechSite

An organization is conducting a risk assessment on its public-facing web servers. The assessment team identifies a potential threat actor as a state-sponsored group known to exploit zero-day vulnerabilities. What is the appropriate term for this group?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 month ago | [YT] | 1

InfoTechSite

A security consultant is advising a multinational corporation on data privacy. The corporation has offices in the European Union and the United States. Which of the following is the most critical issue for the consultant to address regarding data flow between these regions?
#cissp #cisspexam #cybersecurity #cybersecuritycertification

1 month ago | [YT] | 1