[CCCure CISSP] What is the most effective means of determining that controls are functioning properly

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[CCCure CISSP] What is the most effective means of determining that controls are functioning properly

Clement Dupuis
Good day,

Thanks for your inquiry this is a great question (see below) and I hear you loud and clear.

Your suggestion of looking at the logs is not one of the 4 choices available.    The question does not say what are ALL possible ways that you can determine if controls are functioning properly.    The question simply says:  Out of the 4 choices presented which one do you think best matches with the question.

You must restrict yourself to the 4 choices presented.  Do not attempt to read too much within the question.  The correct answer is always ONE of the 4 choices presented.

I have revised the question, added new references and more explanations.

Best regards

Clement

P.S.  I have cross posted this answer to the CISSP Study Mailing list as well.  I would recommend you make use of the list in the future for such queries.  The reason I prefer to use the mailing list is simply because other people can benefit of the answer and join the discussion.   The mailing list is also archive which allow future students to search through and find answers to topics that have already been covered.  Last but not least on the mailing list you will get multiple answer and not only mine and often time a lot quicker response as well.  You can join the mailing list at:

https://www.cccure.org/modules.php?name=News&file=article&sid=431

New version of the explanations below:

The correct answer is:  Review of software control features and/or parameters

Various operating system software products provide parameters and options for the tailoring of the system and activation of features such as activity logging. Parameters are important in determining how a system runs because they allow a standard piece of software to be customized to diverse environments. The reviewing of software control features and/or parameters is the most effective means of determining how controls are functioning within an operating system and of assessing and operating system's integrity.

The operating system manual should provide information as to what settings can be used but will not likely give any hint as to how parameters are actually set. The product vendor and computer operator are not necessarily aware of the detailed setting of all parameters.

The review of software control features and/or parameters would be part of your security audit.  A security audit is typically performed by an independent third party to the management of the system. The audit determines the degree with which the required controls are implemented.

A security review is conducted by the system maintenance or security personnel to discover vulnerabilities within the system. A vulnerability occurs when policies are not followed, misconfigurations are present, or flaws exist in the hardware or software of the system. System reviews are sometimes referred to as a vulnerability assessment.
 

Reference(s) used for this question:

Schneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition : Security Operations, Page 1054,  for users with the Kindle edition look at Locations 851-855

and

Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 3: Technical Infrastructure and Operational Practices (page 102).



Question number: 1503

Question: What is the most effective means of determining that controls are functioning properly within an operating system?

Comment:
I find this answer to be a bit erroneous. Just because the control features and options are reviewed doesn\'t assure that they are functioning properly. It would seem that a review of the logs to determine the effectiveness of the policies would be most the best course of action.


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org