As configuration manager for an application, Francis checks the daily message digests of the files stored on ten production servers and finds out that one server has different message digests for three configuration files. What is the BEST action Francis should do? A. Review the change tickets applied to that server that would account for the change; if the change is not authorized then alert SOC. B. Replace the three configuration files with copies from one of the other servers. C. Re-perform the hash to see if the message digest changes. D. Call the SOC to ask if they want him to replace the files with copies from another server.

CISSP Certification 2021 practice questions.
Source: https://thorteaches.com/ Free CISSP practice exam questions for the 2021 CISSP exam version.

ANSWER

The right answer is A.

 

 Francis should determine if there was an authorized change by reviewing the change tickets applied to that server that would account for the change; if the change is not authorized then Francis should alert Security Operations center (SOC). As configuration manager Francis should be informed of all changes affecting the application servers in production. At the instruction of SOC he may replace the three configuration files with copies from one of the other servers, although SOC may want to take copies for forensic investigation before the files are replaced. Simply doing so would undo the change, potentially clobbering an authorized change. If Francis simply calls the SOC they will want to review the authorized changes before Francis to replace the files. The hash functions always result in the same output for the same input, so it is not necessary to re-perform the hash.

show less

Complete-for-widget
Start learning today

CISSP: All videos and practice questions from ThorTeaches

What our students are saying:

Anthony Jones
Anthony JonesWCDC Site Supervisor Bunzl Safety
Read More
A friend of mine first recommended Thor’s CISSP video series on Udemy and I was glad that he did! The course content was fantastic and to the point, and the real-world examples it provides helped me synthesize and apply the information. Also, a special shout out to the essential information elephants! (You’ll know what I mean). This resource was by far my favorite video series that I utilized in my successful studying for and passing of the CISSP exam in May 2020. Thank you for the fantastic content!
Danny Tolnay
Danny TolnayInfosec Analyst  Hedge Fund
Read More
Thor’s commitment to his students really comes through in his videos. He has a talent for keeping it to the essentials, and the little jokes that are peppered in every now and again help keep it feeling light and fresh. I am so glad that I found his material for my CISSP studies, he is definitely a big reason why I passed. Thanks Thor!
Sven De Preter
Sven De PreterSenior Network & System Administrator NV Antwerps Sportpaleis
Read More
Thor’s bootcamp is a great way to recapitulate all the content provided in the CISSP CBK. It’s clear, concise, structured and affordable. Definitely a great tool that helps in preparing for the exam. Thanks Thor
Peter Peterson
Peter PetersonCyber Risk Management New York State Chief Information Security Office
Read More
I am not sure what else there is to say that has not been said about Thor. You can tell he has a passion for teaching and really does care about his students. His videos are short and to the point which is wonderful for courses like CISSP which has such a large scope it makes it frustrating at times. Thor’s material is a breath of fresh air, and I can say without them I may not have passed. Thank you, Thor!
Previous
Next