ISC 2 Credentials CISSP Full Course Free

Session management is the process of controlling and maintaining the state and information of a user’s interaction with a web service. It involves creating, maintaining, and terminating sessions, as well as ensuring their security and integrity. An attacker who is able to remain indefinitely logged into a web service is exploiting a weakness in session management, such as the lack of session expiration, session timeout, or session revocation. Alert management, password management, and identity management (IM) are all related to security, but they do not directly address the issue of session management. 

 The threat that would be most likely mitigated by monitoring assets containing open source libraries for vulnerabilities is a zero-day attack. A zero-day attack is a type of attack that exploits a previously unknown or undisclosed vulnerability in a system or application, before the vendor or developer can release a patch or a fix for the vulnerability. A zero-day attack can cause severe damage or compromise to the system or application, as there is no available defense or protection against the attack. A zero-day attack can target any system or application, but it can be more prevalent or effective against those that contain open source libraries, as the open source libraries are publicly available and accessible, and can be analyzed or reverse-engineered by the attackers to discover and exploit the vulnerabilities. Monitoring assets containing open source libraries for vulnerabilities can help to mitigate a zero-day attack, as it can help to identify and report the vulnerabilities in the open source libraries, and to apply the patches or fixes as soon as they are available . References: [CISSP CBK, Fifth Edition, Chapter 3, page 239]; [100 CISSP Questions, Answers and Explanations, Question 18].

The first step required in establishing a records retention program is to draft a records retention policy. A records retention policy is a document that defines the objectives, scope, roles, and responsibilities of the records retention program. A records retention policy also specifies the criteria and procedures for identifying, classifying, storing, preserving, retrieving, and disposing of records, as well as the legal, regulatory, and business requirements for records retention. A records retention policy provides the foundation and guidance for the records retention program, and helps to ensure the compliance, security, and availability of the records. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 2: Asset Security, page 66; [Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 2: Asset Security, page 128]

The most appropriate strategy for the log retention of a cloud service provider that requires its customer organizations to enable maximum audit logging for its data storage service and to retain the logs for the period of three months, given that the audit logging generates extremely high amount of logs, is to keep last week’s logs in an online storage and the rest in a near-line storage. Online storage is a type of storage that is directly accessible by the system or application, such as hard disk drives, solid state drives, or flash drives. Online storage is fast, convenient, and reliable, but it is also expensive and consumes more power. Near-line storage is a type of storage that is not directly accessible by the system or application, but can be made accessible within a short time, such as tape drives, optical disks, or removable media. Near-line storage is slower, less convenient, and less reliable than online storage, but it is also cheaper and consumes less power. By keeping last week’s logs in an online storage and the rest in a near-line storage, the cloud service provider can balance the trade-offs between performance, cost, and availability of the logs. The logs that are most likely to be accessed or analyzed are kept in the online storage, while the logs that are less likely to be accessed or analyzed are kept in the near-line storage. This way, the cloud service provider can meet the log retention requirement without wasting too much resources or compromising the security of the logs. Keeping all logs in an online storage, keeping all logs in an offline storage, or keeping last week’s logs in an online storage and the rest in an offline storage are not appropriate strategies for the log retention of the cloud service provider. Keeping all logs in an online storage would be too costly and inefficient, as it would consume too much disk space and power for logs that are rarely accessed or analyzed. Keeping all logs in an offline storage or keeping last week’s logs in an online storage and the rest in an offline storage would be too risky and inconvenient, as it would make the logs inaccessible or difficult to access in case of an audit, investigation, or incident response. Offline storage is a type of storage that is not accessible by the system or application, and requires manual intervention to access, such as archived tapes, disks, or media. References: Official (ISC)2 CISSP CBK Reference, Fifth Edition, Domain 7, Security Operations, page 697. CISSP All-in-One Exam Guide, Eighth Edition, Chapter 7, Security Operations, page 660.