Download Latest CISSP Questions

 The application type that is considered high risk and that provides a common way for malware and viruses to enter a network is peer-to-peer (P2P) file sharing applications. An application is a type of software or program that can be installed or run on a system or a network, and that can provide various functions or features for the user or the customer, such as communication, entertainment, or productivity. An application can also pose a security risk, as it can introduce or expose various threats or attacks to the system or the network, such as malware or viruses. Malware is a type of malicious or harmful software or code that can be installed or executed on a system or a network, and that can perform various actions or tasks that can cause harm or damage to the system or the network, or to the user or the customer, such as stealing, deleting, or encrypting the data or the information. A virus is a type of malware that can replicate or copy itself, and that can infect or spread to other systems or networks, or to other files or programs, using various methods, such as e-mail, USB, or network.

An access control list (ACL) is a security tool that will ensure authorized data is sent to the application when implementing a cloud-based application. An ACL is a list of rules or policies that specify which users, groups, roles, or processes are allowed or denied access to a resource, such as a file, folder, network, or application. An ACL can also define the type and level of access that is granted or denied, such as read, write, execute, or delete. An ACL can help to protect the confidentiality, integrity, and availability of the data and the application in the cloud environment, by preventing unauthorized access, modification, or deletion. An ACL can also help to enforce the principle of least privilege, by granting only the minimum access required for the legitimate purpose. A host-based intrusion prevention system (HIPS) is a security tool that monitors and blocks malicious or anomalous activities on a host, such as a server, workstation, or device. A HIPS can help to protect the host from attacks, such as malware, exploits, or unauthorized changes, but it does not ensure authorized data is sent to the application. A file integrity monitoring (FIM) tool is a security tool that monitors and detects changes to files or directories, such as creation, deletion, modification, or renaming. A FIM tool can help to protect the integrity and availability of the files or directories, by alerting or reporting on unauthorized or unexpected changes, but it does not ensure authorized data is sent to the application. A data loss prevention (DLP) tool is a security tool that monitors and prevents the leakage or exfiltration of sensitive or confidential data, such as personal information, intellectual property, or trade secrets. A DLP tool can help to protect the confidentiality and integrity of the data, by blocking or encrypting the data before it is transferred, copied, printed, or emailed, but it does not ensure authorized data is sent to the application. References: Official (ISC)2 CISSP CBK Reference, Fifth Edition, Domain 5, Identity and Access Management, page 513. CISSP All-in-One Exam Guide, Eighth Edition, Chapter 5, Identity and Access Management, page 470.

Runtime application self-protection (RASP) is a technology that can be used to monitor and dynamically respond to potential threats on web applications. RASP is a software component that is integrated into the web application or the runtime environment, and it analyzes the behavior and the context of the application and the requests. RASP can detect and prevent attacks such as SQL injection, cross-site scripting, or buffer overflow, by blocking or modifying the malicious requests or responses. RASP can also provide alerts and logs for the security team or the developers. The other options are not correct. Security Assertion Markup Language (SAML) is a standard that enables single sign-on (SSO) and federated identity management for web applications, but it does not monitor or respond to threats. Web application vulnerability scanners are tools that scan web applications for common vulnerabilities and misconfigurations, but they do not provide real-time protection or response. Field-level tokenization is a technique that replaces sensitive data fields with random tokens, and it can reduce the exposure or the impact of a data breach, but it does not monitor or respond to threats. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 4: Security Architecture and Engineering, page 512. Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 4: Security Architecture and Engineering, page 513.

Multiprotocol Label Switching (MPLS) is a WAN technology that requires the first router in the path to determine the full path the packet will travel, removing the need for other routers in the path to make independent determinations. MPLS works by adding a label to each packet at the ingress router, which indicates the forwarding equivalence class (FEC) of the packet. The FEC is a group of packets that share the same destination and quality of service (QoS) requirements. The label is then used by the intermediate routers to forward the packet along a predetermined label-switched path (LSP), without inspecting the packet header or performing routing lookups. The label is removed at the egress router, and the packet is delivered to the destination. MPLS can improve the performance, scalability, and efficiency of WAN networks, as well as support multiple protocols and services12. References: CISSP CBK, Fifth Edition, Chapter 4, page 343; CISSP Practice Exam – FREE 20 Questions and Answers, Question 15.