CISSP Question...

oscarmackoscarmack CISA, MCSEMember Posts: 8 ■■□□□□□□□□
Which of the following actions will reduce the risk to a laptop before travelling to a high risk area?
A. Examine the device for physical tampering
B. Implement more stringent baseline configurations
C. Purge or re-image the hard disk drive
D. Change access codes

I find this as not very clear, what are ya'll thoughts.

Comments

  • mikey88mikey88 CISSP, CySA+, Security+, Network+ and others Member Posts: 494 ■■■■■■□□□□
    edited March 2019
    B? To be fair, this is a pretty straightforward question and on the actual exam you'll face way tougher questions.

    Edit:  baseline can mean either taking a baseline (of normal operations) of network traffic and monitor for abnormalities or baseline as in hardening a system. 
    Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux

  • oscarmackoscarmack CISA, MCSE Member Posts: 8 ■■□□□□□□□□
    mikey88 said:
    B? To be fair, this is a pretty straightforward question and on the actual exam you'll face way tougher questions.
    That was my exact answer.  I got this question from ISC2 and their answer is D and i was kind of dumb founded because it did not make any sense to me.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    Really bad question.  I wonder if they meant to ask what to do when you return.  As all answers but B make sense in that context.
  • lucky0977lucky0977 Senior Member Member Posts: 218 ■■■■□□□□□□
    edited March 2019
    A. Examine the device for physical tampering - Would be performed upon returning from any type travel
    B. Implement more stringent baseline configurations - Sounds like something you would do to harden the configuration prior to travel to high risk area
    C. Purge or re-image the hard disk drive - Sounds like something you would do after return from a high risk area if malware was discovered.
    D. Change access codes - Access codes really?
    Bachelor of Science: Computer Science | Hawaii Pacific University
    CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    edited March 2019
    lucky0977 said:
    D. Change access codes - Access codes really?

     I think this means passwords - Something you do upon return.
  • tedjamestedjames Scruffy-looking nerfherdr Member Posts: 1,179 ■■■■■■■■□□
    edited March 2019
    Blucodex said:
    lucky0977 said:
    D. Change access codes - Access codes really?

     I think this means passwords - Something you do upon return.
    If an employee needs to take agency or company assets (laptop, tablet, etc.) out of the country, I would give them a loaner device with a fresh image and copies of the files they need to work on while away. When they return, transfer the necessary data in a controlled environment (off the network), scan the data for malware, re-image the loaner device, and transfer their data to their normal working device. And of course, make them change passwords.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    tedjames said:
    Blucodex said:
    lucky0977 said:
    D. Change access codes - Access codes really?

     I think this means passwords - Something you do upon return.
    If an employee needs to take agency or company assets (laptop, tablet, etc.) out of the country, I would give them a loaner device with a fresh image and copies of the files they need to work on while away. When they return, transfer the necessary data in a controlled environment (off the network), scan the data for malware, re-image the loaner device, and transfer their data to their normal working device. 

    I'm just working in the context of the provided answers.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Member Posts: 430 ■■■■□□□□□□
    tedjames said:
    Blucodex said:
    lucky0977 said:
    D. Change access codes - Access codes really?

     I think this means passwords - Something you do upon return.
    If an employee needs to take agency or company assets (laptop, tablet, etc.) out of the country, I would give them a loaner device with a fresh image and copies of the files they need to work on while away. When they return, transfer the necessary data in a controlled environment (off the network), scan the data for malware, re-image the loaner device, and transfer their data to their normal working device. 

    I'm just working in the context of the provided answers.
  • maxfredmaxfred Cloud MCSE, TOGAF, MCSE Data Analytics Member Posts: 9 ■■□□□□□□□□
    If you took the question in the most straightforward context I'd think C would limit the risk most effectively, obviously an assumption there was data that may be at risk which wasn't required to be in use (i.e. a loan laptop containing that contained sensitive information).
  • PeterHandsPeterHands Member Member Posts: 81 ■■■□□□□□□□
    The answer is D. Remember the goal of a CISSP is to provide the maximum amount of security in the least amount of time for the least amount of cost.


    ISC2 CISSP, EC-Council CEH, CompTia Security+
  • beadsbeads Senior Member Member Posts: 1,511 ■■■■■■■■■□
    The answer is D because the first three are actions that can only be of benefit after returning from a high risk environment. Changing the access codes/passwords is the on proactive item on the list. Still its poorly written, almost cryptic in design making it a near perfect exam question.

    On the real exam expect basically the same type of question but more likely in a paragraph form with endless useless detail to sift through.

    Good luck, we've all been there before!

    b/eads
Sign In or Register to comment.