Question 1mediummultiple choice
Read the full NAT/PAT explanation →CISSP Security and Risk Management • Complete Question Bank
Complete CISSP Security and Risk Management question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.
```
Policy: data_classification
{
"rules": [
{
"pattern": "credit_card_number",
"classification": "restricted",
"action": "encrypt"
},
{
"pattern": "employee_id",
"classification": "internal",
"action": "mask"
},
{
"pattern": "public_info",
"classification": "public",
"action": "none"
}
]
}
```Refer to the exhibit. ``` Error log: 2025-03-15 14:23:45 ERROR Authentication failed for user 'admin' from IP 192.168.1.100. Reason: Invalid credentials. 2025-03-15 14:23:47 ERROR Authentication failed for user 'admin' from IP 192.168.1.100. Reason: Invalid credentials. 2025-03-15 14:23:49 ERROR Authentication failed for user 'admin' from IP 192.168.1.100. Reason: Invalid credentials. 2025-03-15 14:23:51 ERROR Account locked for user 'admin' due to multiple failed attempts. ```
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Preventive
Detective
Corrective
Preventive
Detective
Refer to the exhibit. Firewall Log Entry (May 5, 2025 14:23:45): Action: Deny Protocol: TCP Src IP: 10.0.0.25 Src Port: 44321 Dst IP: 203.0.113.50 Dst Port: 443 Rule ID: 105 Reason: No matching rule
Refer to the exhibit.
Security Policy (JSON format):
{
"PolicyName": "DataEncryptionPolicy",
"Scope": "All data at rest on production servers",
"Control": "AES-256 encryption must be applied",
"Compliance Standard": "PCI DSS 3.2.1",
"Enforcement": "Automated via system configuration"
}Refer to the exhibit.
SIEM Correlation Rule:
rule BruteForceDetection
{
meta:
description = "Detect multiple failed logins from same source"
strings:
$loginFailed = "Authentication failed" nocase
condition:
#loginFailed > 5 within 120 seconds
}Refer to the exhibit. access-list 101 permit tcp any host 192.168.1.10 eq 443 access-list 101 permit tcp any host 192.168.1.10 eq 80 access-list 101 deny ip any any log
Refer to the exhibit.
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::corporate-bucket/*",
"Condition": {
"StringEquals": {
"aws:PrincipalTag/department": "finance"
}
}
}Refer to the exhibit. Syslog entry: Mar 15 14:23:01 firewall: %SEC-6-IPACCESSLOGP: list 100 denied udp 10.0.0.5(1234) -> 192.168.1.1(53) 5 packets
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::mybucket/*"
}
]
}-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEA... -----END RSA PRIVATE KEY-----
Risk Register Entry: - Asset: Financial Database Server - Threat: SQL Injection - Vulnerability: Unpatched web application - Likelihood: High (3) - Impact: Critical (5) - Risk Score: 15 (High) - Existing Controls: WAF, Input validation - Control Effectiveness: Partial - Residual Risk: Medium (10)