CCT 027: CISSP Exam Questions (019-021)

CCT 027 - RCR 124 - CISSP Exam Questions_019-021

[00:00:00] Hey y'all. This is Sean Gerber. Thank you so much for listening today. But before we get started, I have a question for you. Would you like to finally pass the CISSP and get started building a lucrative and rewarding career in cybersecurity? I can help you over at C S S P Cyber training.com with the resources and tools you need to pass the CISSP the first.

At CISSP cyber training.com, there's a vast array of resources available that will give you the guidance direction and training you need to pass the CISSP exam. As soon as you get done with this presentation, head on over to css p cyber training.com so that I can begin helping you today to meet your C CISSP goals and grow your career in cyber.

All right, let's get started. Welcome to the CISSP Cyber Training Podcast, where we provide you the training and tools you need to pass the CISSP exam the first time. Hi, my name is Sean Gerber and I'm your [00:01:00] host for this action packed informative podcast. Join me each week as I provide the information you need to pass the CISSP exam and grow your cybersecurity.

Alright, let's get started.

Hey y'all, this is Sean Gerber with CISSP Cyber Training, and we're gonna go over some exam questions. Let's start with exam question number 19. So before we get started, we're gonna go into a couple key topics, uh, so that you understand as what, what the questions they're asking for. So when we're talking about abbreviations, A l e, which is your annualized lost expectancy.

And this is something you're gonna deal with as a CISO or as a security person, security practitioner within your organization. So you're gonna need to know these abbreviations. So annualized loss expectancy, you asset value, which is AV or alpha victor. Exposure back factor, which is your echo f foxtrot.

Okay? So that's your exposure factor. And then that's gonna create what we call an annualized [00:02:00] rate of occurrence. Okay? So you're gonna have your annualized rate of occurrence is a r o, sorry, alpha, Romeo, Oscar. So bottom line is, is the, the overall security of this. And you're dealing with the risk management piece of this is ale is annualized lost expectancy.

AV is asset value, EF is exposure. And a r o is your annualized rate of occurrence. So when we talk about this question, what does the formula use to compute a l e? So what is used to compute the annual loss expectancy? You have various different formulas that are put on this question, so you just have to know the right one.

A, your annualized loss expectancy is based on your asset value times your exposure factor times your annual rate of occurrence. That would be a B is your a l e is based on your annual rate of occurrence times your exposure. C, your annual, your annual loss expectancy is your asset value times your [00:03:00] annual rate of occurrence, or D A L E is based on your exposure factor times your annual rate of occurrence.

The main thing you need to know is this formula a l e is equal to your annual. Your asset value times your exposure factor times your annual rate of occurrence. Just know that if you're looking at this, it's the multiplication of all three. If they give you all three of those, that will give your annual loss expectancy.

All right. CISSP exam. Question 20, what disaster recovery principle best protects your organization against hardware failure? A consist. B, efficiency, C redundancy, or D PRIs Prim C. Okay, so what a disaster recovery principle best protects your organization against hardware failure, consistency. A, B.

Efficiency, C redundancy or D primacy. And [00:04:00] the answer is redundancy. Obviously, redundant systems will keep your system and your organization against potential hardware failure. And we talk about this a lot in a, when you're looking at various key pieces within your organization. To look at, uh, ha pairs, which is your, um, high availability pairs.

There's a level of redundancy built into those, so you want to understand redundancy. Now, redundancy can also get very complicated and can get very expensive, so you have to determine based on your risk assessments and based on your risk based approach, which is best for your organization. Okay, practice C I S P exam.

Question 21, which resource should you protect first when designing con continuity plan provisions and processes. So which resource should you protect first when designing continuity, plan provisions and processes? A, your physical plant. B, your infrastructure, C, your financial, or D, your people. [00:05:00] Okay, which resource should you protect?

When designing continuity plans, provisions and processes, a physical plants, B, infrastructure, C financial or D people. When you're dealing with the CISSP and it pretty much, if anything in life, the physical protection of your people, the safety of your people is the of the utmost importance over any piece of equipment or data that you may.

The reason is, is you obviously wanna protect people from getting hurt and being maimed and dying. So when you're dealing with the C I Ss P questions, unless it's a negative type, asking specifically going, you know this, this is not the best time to do that, this is, this is not the first priority when they're asking those negative questions.

It would almost always be people. So think about that. Don't just jump on it, but make sure you read the question fully. But again, people, safety of human life. Always be paramount concerned in any sort of business continuity planning. It just must be, and I deal with this on a daily basis. It always is about the people and protecting them and your PE and your [00:06:00] employees.

Okay. Hope you guys enjoyed that. We'll move on and we'll have some more cis p questions coming up in the near future. Have a wonderful day and we'll catch you on the flip side. See ya. Thanks so much for joining me today on my podcast. If you like what you heard, please leave a review on iTunes, as I would greatly appreciate your feedback.

Also, check out my videos that are on YouTube. Just head to my channel CISSP Cyber Training and you will find a plethora of content to help you pass the CISSP exam the first time. Lastly, head to c i SSPs cyber training.com and look for the free stuff that is only available to our email subscribers.

Thanks again for listening.