1 When you have an answer that saves human lives, it probably is the best answer
2 What is ESP? Encapsulation security payload?
In cyber security, ESP most commonly refers to Encapsulating Security Payload, a core component of the IPsec (Internet Protocol Security) protocol suite. Don’t pick AH (authentication header) since it doesn’t provide encruption. ESP is responsible for providing confidentiality (encryption), data integrity (ensuring data hasn’t been tampered with), and authentication (verifying the source of the data) for network traffic. It achieves this by encrypting the actual data being transmitted (the payload) within the network packet.
2 What should come to your mind if you have a question that says 2 networks?
data encryuption and site to site vpn
6 Will implementing 2 factor authentication stop password sharing?
no. what difference does it make? people will still share their 2 factor also.
6 If a question has the word “what should we do first”? Which answer choice should you pick? What should you not pick?
Do not pick training! It never comes first. Usually, it is policy that is the answer.
7 What is a data owner, data custodian, and data steward?
Data owner>steward>custodian. Data owners are ultimately accountable for the quality, accuracy, and security of specific data assets. Data custodians are responsible for the technical implementation and maintenance of data storage, access, and security. Data stewards focus on the business rules and policies that govern data, ensuring its proper use and alignment with organizational goals.
8 Data classification is what in the CIA triad? What about redudancy?
Data classification is Confidentiality, remember who can access. Redudancy is Integrity and Availability
8 If a question ask, “ensure compliance” what does that mean?
It means like preventing…so it can’t be a scanning or detecting answer.
- What’s another word for “best minimize loss”
This is another word for prevention
11 What layer does WAF work at? What about NGFW? What is difference?
Both Layer 7. both security tools, but they protect different aspects of a network. A WAF specializes in securing web applications from web-based attacks like SQL injection and cross-site scripting. An NGFW, on the other hand, provides broader network security, including application control, intrusion prevention, and malware protection.
-
CISSP Easy/Mid Domain134
-
CISSP Hard #1 All Domains 125Q50
-
CISSP Easy Section 330
-
CISSP Section 234
-
CISSP Stone River Asset Security2
-
CISSP Section 546
-
CISSP Section 736
-
Domain 449
-
Domain 839
-
Domain 6 Security Assessment & Testing35
-
General questions17
-
Technical Institute of America 50 CISSP Practice Questions21
-
Inside Cloud & Security11
-
Thor Hard #228
-
Thor Easy 113
-
Thor Easy 1 Part 224
-
Thor Easy 2 part 135
-
Quantum Exam0
