CISSP Question #1431: Real Exam Question with Answer & Explanation
The correct answer is C: Asking the Information System Security Officer (ISSO) to describe the organization's patch.
Question
Which of the following vulnerability assessment activities BEST exemplifies the Examine method of assessment?
Options
- A. Ensuring that system audit logs capture all relevant data fields required by the security controls
- B. Performing Port Scans of selected network hosts to enumerate active services
- C. Asking the Information System Security Officer (ISSO) to describe the organization's patch
- D. Logging into a web server using the default administrator account and a default password
Explanation
Asking the Information System Security Officer (ISSO) to describe the organization's patch management processes is the vulnerability assessment activity that best exemplifies the Examine method of assessment. The Examine method is a type of vulnerability assessment method that involves reviewing and analyzing the documentation, policies, procedures, and configurations of the system or network to identify any gaps, weaknesses, or inconsistencies that may pose a security risk. It does not involve any active testing or scanning of the system or network, but rather relies on the information and evidence provided by the system or network owners, administrators, or users. Asking the ISSO to describe the organization's patch management processes is an example of the Examine method because it involves reviewing and analyzing the patch management policies and procedures to determine whether they are adequate, effective, and compliant with the security standards and best practices.