RCR 059 - How to Understand Threat Modeling for the CISSP Exam Prep

Published: Jan. 13, 2020, 11 p.m.

Description:

Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career.  Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity. 

In this episode, Shon will talk about the following items that are included within Domain 1 (Security and Risk Management) of the CISSP Exam.

  • CISSP Article – Threat Modeling
  • CISSP Training – Data Integrity and Threat Modeling
  • CISSP Exam Questions

BTW - Get access to all my CISSP Training Courses here at:  https://shongerber.com/ 

CISSP Exam Questions

Question:  060

You are a security consultant. A large enterprise customer hires you to ensure that their security operations are following industry standard control frameworks. For this project, the customer wants you to focus on technology solutions that will discourage malicious activities. Which type of control framework should you focus on?

  • A.  Preventative
  • B.  Deterrent
  • C.  Detective
  • D.  Corrective
  • E.  Assessment

Answer: [B] Explanation: Deterrent frameworks are technology-related and used to discourage malicious activities. For example, an intrusion prevention system or a firewall would be appropriate in this framework.

There are three other primary control frameworks. A preventative framework helps establish security policies and

security awareness training. A detective framework is focused on finding unauthorized activity in your environment

after a security incident. A corrective framework focuses on activities to get your environment back after a security

incident. There isn’t an assessment framework.

 

Source:  From <https://blog.netwrix.com/2018/05/16/cissp-practice-exam-free-online-test-questions/>

------------------------------------

Question:  061

You are performing a risk analysis for an internet service provider (ISP) that has thousands of customers on its broadband network. Over the past 5 years, some customers have been compromised or experienced data breaches. The ISP has a large amount of monitoring and log data for all customers. You need to figure out the chances of additional customers experiencing a security incident based on that data. Which type of approach should you use for the risk analysis?

  • A. Qualitative
  • B. Quantitative
  • C. STRIDE
  • D. Reduction
  • E. Market

Answer: [B] Explanation: You have three risk analysis methods to choose from: qualitative (which uses a risk analysis matrix), quantitative (which uses money or metrics to compute), or hybrid (a combination of qualitative and quantitative but not an answer choice in this scenario). Because the ISP has monitoring and log data, you should use a quantitative approach; it will help quantify the chances of additional customers experiencing a security risk.

STRIDE is used for threat modeling. A market approach is used for asset valuation. A reduction analysis attempts to eliminate duplicate analysis and is tied to threat modeling.

Source:  From <https://blog.netwrix.com/2018/05/16/cissp-practice-exam-free-online-test-questions/>

-----------------------------------

Question:  062

You are working on a business continuity project for a company that generates a large amount of content each day for use in social networks. Your team establishes 4 hours as the maximum tolerable data loss in a disaster recovery or business continuity event. In which part of the business continuity plan should you document this?

  • A.  Recovery time objective (RTO)
  • B.  Recovery point objective (RPO)
  • C.  Maximum tolerable downtime (MTD)
  • D.  Maximum data tolerance (MDT)

Answer: [B] Explanation: The RTO establishes the maximum amount of time the organization will be down (or how long it takes to recover), the RPO establishes the maximum data loss that is tolerable, the MTD covers the maximum tolerable downtime, and MDT is just a made-up phrase used as a distraction. In this scenario, with the focus on the data loss, the correct answer is RPO.

 

Source:  From <https://blog.netwrix.com/2018/05/16/cissp-practice-exam-free-online-test-questions/>

 

Want to find Shon elsewhere on the internet?

LinkedIn – www.linkedin.com/in/shongerber

Facebook - https://www.facebook.com/CyberRiskReduced/

LINKS: