Weekly CISSP Exam Questions
Question: After a security breach, management wants a full report. Which is the least relevant information for them?
A. How the breach occurred
B. The type of data accessed
C. The patches missed in the last update
D. Next steps and recommendations
Correct Answer: C
Explanation:
How the breach occurred: This is highly relevant because understanding how the breach occurred helps in identifying the root cause and prevents future similar incidents.
The type of data accessed: Knowing what data was accessed or compromised is crucial for assessing the impact of the breach. It also informs any legal or regulatory obligations the company might have, such as notifying affected individuals or authorities.
The patches missed in the last update: While it may be technically interesting to know which patches were missed, this is less immediately relevant to management compared to understanding the nature and impact of the breach. Knowing which patches were missed might be a part of a technical post-mortem but is not the most pressing information management needs for decision-making following a breach.
Next steps and recommendations: This is also crucial as management will want to know what immediate and long-term actions are necessary to mitigate risks and prevent future breaches.
Podcasts
Check out my weekly podcasts that delve deep into the relevant topics related to each of CISSP domains. In addition, I will go over specific questions and they can be interpreted and answered.
CISSP Cyber Training Academy
Tired of not knowing how to study for the CISSP Exam?
Check out the CISSP Cyber Training Academy to help you on your journey!
CISSP Cyber Training - YouTube
Check out my video collection on YouTube discussing all the details needed to help you pass the CISSP exam.
