CISSP Exam Dumps - Certified Information Systems Security Professional (CISSP)

The most important consideration when storing and processing PII is to adhere to the collection limitation laws and regulations that apply to the jurisdiction and context of the data processing. Collection limitation is a principle that states that PII should be collected only for a specific, legitimate, and lawful purpose, and only to the extent that is necessary for that purpose1. By following this principle, the data processor can minimize the amount of PII that is stored and processed, and reduce the risk of data breaches, misuse, or unauthorized access. Encrypting and hashing all PII, storing PII for no more than one year, and avoiding storing PII in a cloud service provider are also good practices for protecting PII, but they are not as important as adhering to the collection limitation laws and regulations. References: 1: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 5, page 290.

Compliance to the SLA should be reviewed at regularly scheduled meetings, such as monthly or quarterly, to ensure that the security posture is being delivered as agreed. This allows both parties to monitor the performance, identify any issues or gaps, and take corrective actions if needed. Reviewing the SLA only as part of the renewal process, prior to a planned security audit, or immediately after a security breach is not sufficient, as it may result in missing or delaying the detection and resolution of security problems. References: 1: How to measure your SLA: 5 Metrics you should be Monitoring and Reporting23: Run your security awareness program like a marketer with these campaign kits4

File Transfer Protocol (FTP) is a protocol that enables the transfer of files between a client and a server over a network. FTP has a security limitation in that it does not encrypt the authentication process, meaning that the username and password are sent in clear text over the network. This exposes the credentials to interception and eavesdropping by unauthorized parties, who could then access the files or compromise the system . References: : CISSP All-in-One Exam Guide, Eighth Edition, Chapter 5, page 533. : CISSP For Dummies, 7th Edition, Chapter 5, page 155.

 A Kerberos server must be well protected from unauthorized access because it contains the keys of all clients. Kerberos is a network authentication protocol that uses symmetric cryptography and a trusted third party, called the Key Distribution Center (KDC), to provide secure and mutual authentication between clients and servers2. The KDC consists of two components: the Authentication Server (AS) and the Ticket Granting Server (TGS). The AS issues a Ticket Granting Ticket (TGT) to the client after verifying its identity and password. The TGS issues a service ticket to the client after validating its TGT and the requested service. The client then uses the service ticket to access the service. The KDC stores the keys of all clients and services in its database, and uses them to encrypt and decrypt the tickets. If an attacker gains access to the KDC, they can compromise the keys and the tickets, and impersonate any client or service on the network. References: 2: CISSP For Dummies, 7th Edition, Chapter 4, page 91.

Mutual authentication is the process of verifying the identity of both parties in a communication. The computer system authenticates the user by verifying their credentials, such as username and password, biometrics, or tokens. The user authenticates the computer system by verifying its identity, such as a digital certificate, a trusted third party, or a challenge-response mechanism34. References: 3: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 5, page 5154: CISSP For Dummies, 7th Edition, Chapter 5, page 151.

 The Transport layer of the Open Systems Interconnection (OSI) model implementation adds information concerning the logical connection between the sender and receiver. The Transport layer is responsible for establishing, maintaining, and terminating the end-to-end communication between two hosts, as well as ensuring the reliability, integrity, and flow control of the data. The Transport layer uses protocols such as TCP and UDP to provide connection-oriented or connectionless services, and adds headers that contain information such as source and destination ports, sequence and acknowledgment numbers, and checksums . References: : CISSP All-in-One Exam Guide, Eighth Edition, Chapter 5, page 499. : CISSP For Dummies, 7th Edition, Chapter 5, page 145.

A functional drill is a type of disaster recovery and business continuity training that involves a specific test by response teams of individual emergency response functions, such as fire suppression, medical assistance, or data backup. A functional drill is designed to evaluate the performance, coordination, and effectiveness of the response teams and the emergency procedures. A functional drill is not the same as a full-scale simulation, a functional evacuation, or an activation of the backup site. A full-scale simulation is a type of disaster recovery and business continuity training that involves a realistic and comprehensive scenario of an emergency and the subsequent response functions, involving all the stakeholders, resources, and equipment. A functional evacuation is a type of disaster recovery and business continuity training that involves the orderly and safe movement of personnel from a threatened or affected area to a safe location. An activation of the backup site is a type of disaster recovery and business continuity action that involves the switching of operations from the primary site to the secondary site in the event of a disaster or disruption. 

 If a system administrator discovers a serious security breach during a penetration test, such as unauthorized access to a server holding sensitive data, the first action that he or she should take is to immediately document the finding and report it to senior management. This is because senior management is ultimately responsible for the security of the organization and its assets, and they need to be aware of the situation and take appropriate actions to mitigate the risk and prevent further damage. Documenting the finding is also important to provide evidence and support for the report, and to comply with any legal or regulatory requirements. Using system privileges to alter the permissions to secure the server, continuing the testing to its completion, or terminating the penetration test and passing the finding to the server management team are not the first actions that a system administrator should take, as they may not address the root cause of the problem, may interfere with the ongoing testing, or may delay the notification of senior management.