Thanks for your inquiry. This is a great question (see below), and I hear you loud and clear.
Your suggestion of looking at the logs is not one of the 4 choices available. The question does not say what are ALL possible ways that you can determine if controls are functioning properly. The question simply says: Out of the 4 choices presented which one do you think best matches with the question.
You must restrict yourself to the 4 choices presented. Do not attempt to read too much within the question. The correct answer is always ONE of the 4 choices presented.
I have revised the question, added new references and more explanations.
P.S. I have cross-posted this answer to the CISSP Study Mailing list as well. I would recommend you make use of the list in the future for such queries. The reason I prefer to use the mailing list is simply because other people can benefit from the answer and join the discussion. The mailing list is also archived, which allows future students to search through and find answers to topics that have already been covered. Last but not least, on the mailing list you will get multiple answers and not only mine, and oftentimes a much quicker response as well. You can join the mailing list at:
New version of the explanations below:
The correct answer is: Review of software control features and/or parameters
Various operating system software products provide parameters and options for the tailoring of the system and activation of features such as activity logging. Parameters are important in determining how a system runs because they allow a standard piece of software to be customized to diverse environments. The reviewing of software control features and/or parameters is the most effective means of determining how controls are functioning within an operating system and of assessing an operating system's integrity.
The operating system manual should provide information as to what settings can be used but will not likely give any hint as to how parameters are actually set. The product vendor and computer operator are not necessarily aware of the detailed setting of all parameters.
The review of software control features and/or parameters would be part of your security audit. A security audit is typically performed by an independent third party to the management of the system. The audit determines the degree to which the required controls are implemented.
A security review is conducted by the system maintenance or security personnel to discover vulnerabilities within the system. A vulnerability occurs when policies are not followed, misconfigurations are present, or flaws exist in the hardware or software of the system. System reviews are sometimes referred to as a
Reference(s) used for this question:
Schneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition : Security Operations, Page 1054, for users with the Kindle edition look at Locations 851-855
Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 3: Technical Infrastructure and Operational Practices (page 102).
Question number: 1503