Weekly CISSP Exam Questions
Scenario: During a code review, a developer suggests using obfuscation to secure sensitive algorithms in the application. What is the primary downside to this approach?
A. Increases computational overhead
B. Cannot be used in cloud environments
C. Security through obscurity
D. Increases storage requirements
Answer: C
Explanation:
- Increases computational overhead: While obfuscation can indeed make code more complex to execute, this is not its primary downside when it comes to security.
- Cannot be used in cloud environments: There is no inherent reason obfuscation can't be used in cloud environments.
- Security through obscurity: Relying on obfuscation is generally not recommended as a primary security measure because it merely obscures code but doesn't protect it from being reverse-engineered. Security through obscurity is not a robust security control.
- Increases storage requirements: While obfuscated code could potentially be larger due to added layers of complexity, this is usually not a significant concern and not the primary downside from a security perspective.
Podcasts
Check out my weekly podcasts that delve deep into the relevant topics related to each of CISSP domains. In addition, I will go over specific questions and they can be interpreted and answered.
CISSP Cyber Training Academy
Tired of not knowing how to study for the CISSP Exam?
Check out the CISSP Cyber Training Academy to help you on your journey!
CISSP Cyber Training - YouTube
Check out my video collection on YouTube discussing all the details needed to help you pass the CISSP exam.
