Information system security

User Generated

Enl_12

Computer Science

Description

Hi I have work for week 8

- 10 questions part

- wiki writing part

- Discussions part

I attached files

Unformatted Attachment Preview

Please submit 10 CISSP questions related to Domain 7: Security Operations. Include both the answers and issues with incorrect answers. Chapter 16 questions, page 692. If some of these 10 questions are hard to answer, you can choose any other 10 questions from the 20 questions on page 692 and answer them. https://sybextestbanks.wiley.com/courses/102/data/ebook.pdf

1. An organization ensures that users are granted access to only the data they need to perform specific work tasks. What principle are they following?
   A. Principle of least permission
   B. Separation of duties
   C. Need to know
   D. Role-based access control

2. An administrator is granting permissions to a database. What is the default level of access the administrator should grant to new users?
   A. Read
   B. Modify
   C. Full access
   D. No access

3. Why is separation of duties important for security purposes?
   A. It ensures that multiple people can do the same job.
   B. It prevents an organization from losing important information when they lose important people.
   C. It prevents any single security person from being able to make major security changes without involving other individuals.
   D. It helps employees concentrate their talents where they will be most useful.

4. What is a primary benefit of job rotation and separation of duties policies?
   A. Preventing collusion
   B. Preventing fraud
   C. Encouraging collusion
   D. Correcting incidents

5. A financial organization commonly has employees switch duty responsibilities every six months. What security principle are they employing?
   A. Job rotation
   B. Separation of duties
   C. Mandatory vacations
   D. Least privilege

6. Which of the following is one of the primary reasons an organization enforces a mandatory vacation policy?
   A. To rotate job responsibilities
   B. To detect fraud
   C. To increase employee productivity
   D. To reduce employee stress levels

7. An organization wants to reduce vulnerabilities against fraud from malicious employees. Of the following choices, what would help with this goal? (Choose all that apply.)
   A. Job rotation
   B. Separation of duties
   C. Mandatory vacations
   D. Baselining

8. Of the following choices, what is not a valid security practice related to special privileges?
   A. Monitor special privilege assignments.
   B. Grant access equally to administrators and operators.
   C. Monitor special privilege usage.
   D. Grant access to only trusted employees.

9. Which of the following identifies vendor responsibilities and can include monetary penalties if the vendor doesn't meet the stated responsibilities?
   A. Service level agreement (SLA)
   B. Memorandum of understanding (MOU)
   C. Interconnection security agreement (ISA)
   D. Software as a Service (SaaS)

10. What should be done with equipment that is at the end of its life cycle and that is being donated to a charity?
   A. Remove all CDs and DVDs.
   B. Remove all software licenses.
   C. Sanitize it.
   D. Install the original software.

Discussion part

There are 2 discussions: post a new thought on one, reply on the other.

1- Answer this question by writing 170-200 words: discuss an issue or key point of an Incident Response Plan.

2- Write a response of at least 70 words to this discussion: discuss an issue or concern about Intrusion Prevention. The student said about this:

Issue with Intrusion Prevention: Type I and Type II Errors

Intrusion prevention is known to have more pros than cons. However, the existing cons could prove to be critical if the intrusion is serious enough. One major issue with intrusion prevention systems (IPSs) is the generation of false positives and false negatives (type 1 and type 2 errors). Denial of service to valid users can occur or malicious actors may be able to easily intrude the network under the circumstances of these errors occurring. False positives and negatives usually occur in systems that rely on only a single detection method. When IPSs use multiple detection methods, the likelihood of these errors occurring greatly decreases. Another way to prevent these errors from occurring in the systems is for the network administrator to manually train the system, by telling the IPS specifically which jobs and users are not malicious and to update the system with viruses that it may not be aware of.

There are two questions:

1- Security Breaches - please create a short summary wiki page of the security breach you chose in your paper:

- The name of your breach
- What it did
- How it gets in
- How do you prevent it

For example: Equifax, one of the three major credit bureaus in the United States, announced that it suffered a massive data breach in September of 2017.

What happened?

- On September 7th, 2017, Equifax made it known to the public that they had been victims of a data breach
- This data was accessed from mid May of 2017 through July 20
- Hackers gained access to databases that were stored on Equifax's internal servers.
- Over 140 million Americans had personally identifiable information (PII) leaked.
- 100,000 Canadian residents, and 400,000 UK residents also had their information stolen
- The data that was stolen included: names, addresses, birth dates, social security numbers, and driver's licenses.

How it happened?

- Hackers exploited a vulnerability that was present in Equifax's online dispute portal.
- The vulnerability, CVE-2017-5638, affected the Apache Struts framework that the website was built on.
- The exploit was able to take advantage of the mishandling of exception and error handling on the webpage's data form.
- System-level commands were injected into specially crafted data input fields that allowed the hackers to penetrate the network and gain access to internal databases.
- The type of attack was a remote code execution attack.
- Equifax's team made several key errors:
- Equifax's team in charge of patching did attempt a patch, but the patch was not implemented correctly
- Equifax also scanned their systems after installing the faulty patch, and concluded no vulnerabilities were in the system.
- Equifax had also been breached several times before, so we can conclude they hadn't changed their practices

How it could have been prevented?

- The vulnerability was made public in March of 2017 and the patch was immediately made available.
- Equifax's system administrators failed to apply the patch in a timely manner
- Equifax's cybersecurity team should make patch management a priority going forward

Who did it affect?

- Mainly consumers whose credit data was stored on Equifax's system
- Many of these customers were encouraged to get credit monitoring by Lifelock with whom Equifax had a business relationship.

Note: All company names below have been written by other students so you should choose another one.

2- Please put in a two page evaluation of a current hack or cyber-attack which will include:

- A title - if appropriate multiple names
- Description of what it does
- Prevention - How would you defend against it
- Remediation - How would you remove it from an organization once you are infected.

Explanation & Answer

Attached.

Running head: UBER DATA BREACH

UBER DATA BREACH
Name
Institutional affiliation
November 17, 2018

Uber Data Breach
What happened?
In 2016, Uber Taxi Company was the target of a cybercrime in which hackers obtained records for
over 57 million people, including 50 million riders and 7 million drivers. This breach targeted
private information such as names, email addresses and credit card information. Apart from that,
over 600,000 licenses leaked to the internet (Etherington, 2017).
The company tried to pay off the attackers with a sum of $100,000, but they did not do any
follow-up investigation of damages to their systems and the extent of the attack.
How it gets in
The hackers gained access to the Uber software systems through their password-protected
repository in GitHub. They found the login key left posted on a public forum accessible by all
developers. Researchers can sometimes include private information, usernames and passwords in
the code compilations stored on their repositories (Kahn, 2017).
Since it is a very prevalent case, hackers only need to scan code stored in GitHub repositories
by famous companies to obtain encryption keys and passwords for their systems. This shows that the
mistake of the company's developers is trusting in the privacy of their accounts on cloud
platforms.
How do you prevent it?
GitHub will need to improve their interface so as to prevent public viewership of any material unless
proper authentication is followed. Secondly, developers should edit their code to remove any
trace of sensitive information that can lead to an attack (Kahn, 2017).
References
Etherington, D. (2017, 11 15). Uber data breach from 2016 affected 57 million riders and drivers.
Retrieved from TechCrunch: https://techcrunch.com/2017/11/21/uber-data-breach-from-2016-affected-57-million-riders-and-drivers/
Kahn, J. (2017, 11 22). Uber Hack Shows V...
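
The prevention step in the answer above, keeping credentials out of code stored in a repository, can be enforced by scanning files before they are committed. The following is an added example, not part of the original answer: the patterns, the entropy threshold, the function names and the sample file contents are all constructed assumptions.

```python
import math
import re

# Assumed patterns (not from the page): variable names that usually hold
# credentials, assigned to a quoted literal, and PEM private-key headers.
ASSIGNMENT = re.compile(
    r"""(?ix)\b([a-z0-9_]*(?:password|passwd|secret|token|api_?key|access_?key)[a-z0-9_]*)
        \s*[:=]\s*["']([^"']{8,})["']""")
PRIVATE_KEY = re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")
PLACEHOLDER = re.compile(r"(?i)^(?:<.*>|\$\{.*\}|x+|\*+|changeme|example.*|your[_-].*)$")

def shannon_entropy(value):
    """Bits per character; random keys score high, dictionary words score low."""
    counts = {c: value.count(c) for c in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def scan_text(path, text, min_entropy=3.0):
    """Return findings as (path, line_no, rule, name); the secret itself is never echoed."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if PRIVATE_KEY.search(line):
            findings.append((path, line_no, "private-key", "PEM block"))
        for match in ASSIGNMENT.finditer(line):
            name, value = match.group(1), match.group(2)
            if PLACEHOLDER.match(value):
                continue  # template value such as ${API_KEY}, not a real credential
            high = shannon_entropy(value) >= min_entropy
            rule = "high-entropy-secret" if high else "hardcoded-credential"
            findings.append((path, line_no, rule, name))
    return findings

def scan_files(files):
    """files maps path -> contents, for example the staged files of a commit."""
    results = []
    for path, text in sorted(files.items()):
        results.extend(scan_text(path, text))
    return results

# Constructed sample repository contents (not real credentials).
SAMPLE_FILES = {
    "deploy/settings.py": 'DEBUG = False\nDB_PASSWORD = "hunter2hunter2"\nAPI_KEY = "${API_KEY}"\n',
    "scripts/backup.sh": 'export STORAGE_ACCESS_KEY="q8Zr4LmX0pTb7WvKc2Nd"\n',
    "README.md": "Set your_password in the environment before running.\n",
}

if __name__ == "__main__":
    for path, line_no, rule, name in scan_files(SAMPLE_FILES):
        print(f"{path}:{line_no}: {rule} ({name})")
```

A commit hook that rejects the commit whenever `scan_files` returns findings keeps such values from reaching the repository; anything that was already pushed has to be treated as exposed and rotated.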

