CISSP Question...

Which of the following actions will reduce the risk to a laptop before travelling to a high risk area?
A. Examine the device for physical tampering
B. Implement more stringent baseline configurations
C. Purge or re-image the hard disk drive
D. Change access codes

I find this as not very clear, what are ya'll thoughts.

Find more posts tagged with

Comments

mikey88

B? To be fair, this is a pretty straightforward question and on the actual exam you'll face way tougher questions.

Edit: baseline can mean either taking a baseline (of normal operations) of network traffic and monitor for abnormalities or baseline as in hardening a system.

oscarmack

mikey88 said:

B? To be fair, this is a pretty straightforward question and on the actual exam you'll face way tougher questions.

That was my exact answer. I got this question from ISC2 and their answer is D and i was kind of dumb founded because it did not make any sense to me.

Blucodex

Really bad question. I wonder if they meant to ask what to do when you return. As all answers but B make sense in that context.

lucky0977

A. Examine the device for physical tampering - Would be performed upon returning from any type travel
B. Implement more stringent baseline configurations - Sounds like something you would do to harden the configuration prior to travel to high risk area
C. Purge or re-image the hard disk drive - Sounds like something you would do after return from a high risk area if malware was discovered.
D. Change access codes - Access codes really?

Blucodex

lucky0977 said:
D. Change access codes - Access codes really?

I think this means passwords - Something you do upon return.

tedjames

Blucodex said:

lucky0977 said:
D. Change access codes - Access codes really?

I think this means passwords - Something you do upon return.

If an employee needs to take agency or company assets (laptop, tablet, etc.) out of the country, I would give them a loaner device with a fresh image and copies of the files they need to work on while away. When they return, transfer the necessary data in a controlled environment (off the network), scan the data for malware, re-image the loaner device, and transfer their data to their normal working device. And of course, make them change passwords.

Blucodex

tedjames said:

Blucodex said:

lucky0977 said:
D. Change access codes - Access codes really?

I think this means passwords - Something you do upon return.

If an employee needs to take agency or company assets (laptop, tablet, etc.) out of the country, I would give them a loaner device with a fresh image and copies of the files they need to work on while away. When they return, transfer the necessary data in a controlled environment (off the network), scan the data for malware, re-image the loaner device, and transfer their data to their normal working device.

I'm just working in the context of the provided answers.

Blucodex

tedjames said:

Blucodex said:

lucky0977 said:
D. Change access codes - Access codes really?

I think this means passwords - Something you do upon return.

If an employee needs to take agency or company assets (laptop, tablet, etc.) out of the country, I would give them a loaner device with a fresh image and copies of the files they need to work on while away. When they return, transfer the necessary data in a controlled environment (off the network), scan the data for malware, re-image the loaner device, and transfer their data to their normal working device.

I'm just working in the context of the provided answers.

maxfred

If you took the question in the most straightforward context I'd think C would limit the risk most effectively, obviously an assumption there was data that may be at risk which wasn't required to be in use (i.e. a loan laptop containing that contained sensitive information).

PeterHands

The answer is D. Remember the goal of a CISSP is to provide the maximum amount of security in the least amount of time for the least amount of cost.

beads

The answer is D because the first three are actions that can only be of benefit after returning from a high risk environment. Changing the access codes/passwords is the on proactive item on the list. Still its poorly written, almost cryptic in design making it a near perfect exam question.

On the real exam expect basically the same type of question but more likely in a paragraph form with endless useless detail to sift through.

Good luck, we've all been there before!

b/eads