Option A aligns more with the Interview method: interviews with key personnel.
Option B aligns with the Examine method: log review.
Option C aligns with the Test method: access control testing.
Option D is more of a vulnerability assessment: automated scanning.
Answer is C. Simplify the question... but read it from a CISSP perspective.
"Exemplifies" means "provides an example of" the examination method of the assessment... the vulnerability assessment will test the default credentials...
Answer B) Ensuring that system audit logs capture all relevant data fields required by the security controls baseline
B is the only answer that is looking at something and making sure it contains exactly what one expects to see because of the policy in place for log data capture.
A is INTERVIEW because it is only asking someone about a procedure.
C isn't really stating much other than that it would be a security problem if they can log in with default credentials.
D is EXAMINE because they are trying something out to see what happens, but they do not have a specified expectation of what they will find.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53Ar4.pdf
Page 10: The test method is the process of exercising one or more assessment objects (i.e., activities or mechanisms) under specified conditions to compare actual with expected behavior.
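As an added illustration of what the "examine" activity in option B amounts to in practice (example code written for this page, not from the original post, ExamTopics, or NIST): an assessor takes a sample of audit records and checks each one against the fields the security controls baseline requires, without exercising any mechanism. The required field names and the sample records below are constructed for the example and only loosely follow the kind of content NIST SP 800-53 AU-3 asks for; they are not a real baseline.

```python
import json
from typing import Dict, List

# Constructed baseline: the fields the (hypothetical) security controls baseline
# requires every audit record to carry. Names are assumptions for this example.
REQUIRED_FIELDS = ("timestamp", "event_type", "subject", "source", "outcome")

# Constructed sample audit records (JSON lines); not taken from any real system.
SAMPLE_LOG = """\
{"timestamp": "2024-05-01T10:00:00Z", "event_type": "login", "subject": "alice", "source": "10.0.0.5", "outcome": "success"}
{"timestamp": "2024-05-01T10:01:12Z", "event_type": "login", "subject": "bob", "source": "10.0.0.9"}
{"timestamp": "2024-05-01T10:02:30Z", "event_type": "file_access", "subject": "alice", "source": "10.0.0.5", "outcome": "denied"}
not valid json at all
{"timestamp": "", "event_type": "logout", "subject": "alice", "source": "10.0.0.5", "outcome": "success"}
"""


def examine_record(record: dict, required=REQUIRED_FIELDS) -> List[str]:
    """Return the required fields that are missing or empty in one record."""
    return [f for f in required if f not in record or record[f] in (None, "")]


def examine_log(text: str, required=REQUIRED_FIELDS) -> Dict[str, object]:
    """Examine every line of an audit log against the baseline.

    Returns a summary: how many records were examined, how many fully conform,
    which line numbers could not be parsed as a JSON object, and, per line,
    which required fields were missing.
    """
    findings: Dict[str, object] = {
        "examined": 0,
        "conforming": 0,
        "unparseable": [],
        "missing": {},
    }
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue  # blank lines are not records
        findings["examined"] += 1
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            record = None
        if not isinstance(record, dict):
            # A record the assessor cannot read is itself a finding.
            findings["unparseable"].append(lineno)
            continue
        missing = examine_record(record, required)
        if missing:
            findings["missing"][lineno] = missing
        else:
            findings["conforming"] += 1
    return findings


def conforms(findings: Dict[str, object]) -> bool:
    """True only if every examined record parsed and carried every required field."""
    return not findings["unparseable"] and not findings["missing"]


if __name__ == "__main__":
    result = examine_log(SAMPLE_LOG)
    print(json.dumps(result, indent=2))
    print("baseline met:", conforms(result))
```

On the constructed sample, line 2 lacks `outcome`, line 4 is not a valid record at all, and line 5 has an empty `timestamp`, so the examination reports two non-conforming records and one unreadable one. Nothing is logged in to or scanned; the assessor only reviews evidence that already exists, which is what distinguishes this from the test method.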
B. Ensuring that system audit logs capture all relevant data fields required by the security controls baseline
B = Examine, A = Interview, C & D = Test.
A. The other options involve activities like configuring, logging in, or performing scans, which are more aligned with the "Test" or "Operate" methods of assessment, rather than the "Examine" method.
D seems correct. It's not up to you to ensure logs capture data; that's not the CISSP's role. "Assessment methods define the nature of the assessor actions and include examine, interview, and test. The examine method is the process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities)."
https://www.sciencedirect.com/topics/computer-science/assessment-method#:~:text=activities%20described%20above.-,Assessment%20methods%20define%20the%20nature%20of%20the%20assessor%20actions%20and,%2C%20mechanisms%2C%20or%20activities).
A. would fall under the interview category, and scanning ports sounds like it fits the definition perfectly.
The correct answer is A. Asking the Information System Security Officer (ISSO) to describe the organization's patch management processes.
The Examine method of vulnerability assessment is a qualitative method that relies on the expertise of the assessor to identify vulnerabilities. This method is often used when it is not possible or practical to use quantitative methods, such as scanning or penetration testing.
Ans D: According to the CISSP Official Guide, 9th Edition, page 833, vulnerability assessments use automated tools to search for known vulnerabilities in systems, applications, and networks. So the answer is D in my opinion, looking at the automated tool, which in this case is the performance of a port scan.
B is correct.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53Ar4.pdf
Assessment methods define the nature of the assessor actions and include examine, interview, and test. The examine method is the process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities). The purpose of the examine method is to facilitate assessor understanding, achieve clarification, or obtain evidence.
A is interview
C & D are test.
The entire paragraph is "Assessment methods define the nature of the assessor actions and include examine, interview, and test. The examine method is the process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities). The purpose of the examine method is to facilitate assessor understanding, achieve clarification, or obtain evidence. The interview method is the process of holding discussions with individuals or groups of individuals within an organization to once again, facilitate assessor understanding, achieve clarification, or obtain evidence."
While I agree this could be an interview, it also could be reviewing activities. More strongly, patch management has to do with vulnerabilities. - A
I've been wrestling with this question for a while. After reading Appendix D of the NIST PDF, B is absolutely the answer. A is an interview and D is actually the definition of Test: "Typical assessor actions may include, for example: testing access control, identification and authentication, and audit mechanisms; testing security configuration settings; testing physical access control devices; conducting penetration testing of key information system components; testing information system backup operations; testing incident response capability; and exercising contingency planning capability."
The answer is A. The Examine method of assessment focuses on reviewing documentation, policies, and procedures to ensure that they are in place and followed correctly. Therefore, option B, which refers to ensuring that system audit logs capture all relevant data fields, would be a better fit for the Validate method of assessment, which focuses on ensuring that controls are implemented and operating effectively. Option A, which involves asking the ISSO to describe the organization's patch management processes, would be a better fit for the Interview method of assessment, which focuses on gathering information from personnel.