Exam CISSP topic 1 question 162 discussion

Actual exam question from ISC's CISSP
Question #: 162
Topic #: 1

Which of the following is the BEST approach to implement multiple servers on a virtual system?

  • A. Implement one primary function per virtual server and apply individual security configuration for each virtual server.
  • B. Implement multiple functions within the same virtual server and apply individual security configurations to each function.
  • C. Implement one primary function per virtual server and apply high security configuration on the host operating system.
  • D. Implement multiple functions per virtual server and apply the same security configuration for each virtual server.
Suggested Answer: A

Comments

Rollizo
Highly Voted 1 year, 5 months ago
It is A. This sentence is from a standard such as PCI DSS: "2.2.1 Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers, database servers, and DNS should be implemented on separate servers.)"
upvoted 8 times
Rollizo
1 year, 5 months ago
The keyword is "one primary function"; the email or antimalware could be a secondary function.
upvoted 1 times
jackdryan
10 months, 1 week ago
A is correct
upvoted 1 times
jon1991
Highly Voted 1 year, 6 months ago
Selected Answer: A
The answer should be - A -
upvoted 6 times
74gjd_37
Most Recent 5 months, 3 weeks ago
Selected Answer: A
The BEST approach to implement multiple servers on a virtual system is A. Requirement 2.2.1 of the PCI DSS states that organizations must implement only one primary function per server to prevent functions that require different security levels from coexisting on the same server. This requirement helps to reduce the risk of unauthorized access or data leakage between different functions. Moreover, Requirement 2.2.2 of the PCI DSS states that organizations must ensure that security configurations are not applied to other servers in a manner that would negatively impact the security of the cardholder data environment. This requirement emphasizes the importance of applying individual security configurations to each virtual server to ensure that the security of each server is not compromised.
upvoted 3 times
Dee83
1 year, 1 month ago
A. Implement one primary function per virtual server and apply individual security configuration for each virtual server. This approach allows for more granular control of security and reduces the attack surface. Each virtual server can be configured with a unique security configuration that is tailored to its specific function, which minimizes the risk of a compromise affecting multiple servers or functions. Additionally, if one virtual server is compromised, the attacker would have access to only the resources and data on that specific virtual server, which limits the overall impact. Implementing multiple functions within the same virtual server, and applying the same security configuration for each virtual server, may lead to a scenario where a vulnerability in one service can be used to compromise the security of other services or the whole system, and it would be harder to identify and isolate the breach.
upvoted 1 times
bynd
1 year, 4 months ago
Selected Answer: D
The answer is D. The first benefit of VMs is consolidation. That's why the answer should be the easiest and more secure option. On the other hand, if you configure different security configurations on each virtual server, it might not work when you deploy. It's recommended to keep the same configuration.
upvoted 2 times
Firedragon
1 year, 4 months ago
Selected Answer: D
D. It doesn't say this is for PCI. Multiple functions per VM is the standard configuration and multiple VMs, which provides high availability.
upvoted 2 times
fax
1 year, 5 months ago
It should be A
upvoted 1 times
Peterzhang
1 year, 5 months ago
Thinking about this question in real life, AV or anti-malware products in agentless or lite-agent modes are all implemented by central management with one unified policy and tasks or profiles, and distributed to the clients/servers based upon a hypervisor like MS Hyper-V or VMware ESXi, so I still vote for D.
upvoted 3 times
stickerbush1970
1 year, 6 months ago
Selected Answer: A
A is correct
upvoted 4 times
DERCHEF2009
1 year, 6 months ago
Selected Answer: A
Highest security
upvoted 4 times