CISSP Certification 2021 practice questions.
Source: https://thorteaches.com/ Free CISSP practice exam questions for the 2021 CISSP exam version.
ANSWER Francis should determine if there was an authorized change by reviewing the change tickets applied to that server that would account for the change; if the change is not authorized then Francis should alert Security Operations center (SOC). As configuration manager Francis should be informed of all changes affecting the application servers in production. At the instruction of SOC he may replace the three configuration files with copies from one of the other servers, although SOC may want to take copies for forensic investigation before the files are replaced. Simply doing so would undo the change, potentially clobbering an authorized change. If Francis simply calls the SOC they will want to review the authorized changes before Francis to replace the files. The hash functions always result in the same output for the same input, so it is not necessary to re-perform the hash. show lessThe right answer is A.