Exam CISSP topic 1 question 390 discussion

Actual exam question from ISC's CISSP
Question #: 390
Topic #: 1

The Chief Information Security Officer (CISO) of a large financial institution is responsible for implementing the security controls to protect the confidentiality and integrity of the organization’s Information Systems. Which of the controls below is prioritized FIRST?

  • A. Firewall and reverse proxy
  • B. Web application firewall (WAF) and HyperText Transfer Protocol Secure (HTTPS)
  • C. Encryption of data in transit and data at rest
  • D. Firewall and intrusion prevention system (IPS)
Suggested Answer: C

Comments

JeffDidntKillHimself
5 days, 14 hours ago
Selected Answer: C
Went with C but I am not fully confident in it. Main thing I pulled out is that it is a financial organization so there are likely strict regulations on the encryption of that data over anything else.
upvoted 1 times
...
1460168
3 months, 3 weeks ago
Selected Answer: C
ChatGPT says: In the context of protecting the confidentiality and integrity of information systems, the control that should be prioritized FIRST is: C. Encryption of data in transit and data at rest
upvoted 1 times
...
klarak
6 months, 2 weeks ago
Selected Answer: B
This is a classic CISSP test of semantics, imo. The answer that correlates to the question is WAF and HTTPS. You have to pay attention to the solution that fits the exact question.
upvoted 2 times
...
gjimenezf
9 months, 3 weeks ago
Selected Answer: B
WAF for integrity and HTTPS for confidentiality
upvoted 2 times
...
lxm28
1 year, 5 months ago
Selected Answer: C
This is because encryption provides an additional layer of protection to sensitive data, making it more difficult for attackers to access or steal. Firewall, WAF, HTTPS, and IPS are also important security controls, but encryption should be prioritized first to ensure the confidentiality and integrity of the organization's information systems.
upvoted 2 times
...
HughJassole
1 year, 5 months ago
Encryption only protects confidentiality; hashing protects integrity so it can't be C. D does seem the best answer.
upvoted 2 times
...
[Removed]
1 year, 7 months ago
Selected Answer: D
I like D. I think C is too much focussed on the data and not on the systems.
upvoted 1 times
jackdryan
1 year, 6 months ago
C is correct
upvoted 1 times
...
...
MarkSun
1 year, 7 months ago
Selected Answer: C
Agree with C
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)