Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CISSP All-in-One Practice Question > Domain 4 > Flashcards

Domain 4 Flashcards

Communication and Network Security

1
Q

Which of the following protocols is considered connection-oriented?
A. IP
B. ICMP
C. UDP
D. TCP

A

D. TCP is the only connection-oriented protocol listed. A connection-oriented
protocol provides reliable connectivity and data transmission, while a connectionless
protocol provides unreliable connections and does not promise or ensure data
transmission.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following shows the layer sequence as layers 2, 5, 7, 4, and 3?
A. Data link, session, application, transport, and network
B. Data link, transport, application, session, and network
C. Network, session, application, network, and transport
D. Network, transport, application, session, and presentation

A

A. The OSI model is made up of seven layers: application (layer 7), presentation
(layer 6), session (layer 5), transport (layer 4), network (layer 3), data link
(layer 2), and physical (layer 1).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Metro Ethernet is a MAN protocol that can work in network infrastructures
made up of access, aggregation, metro, and core layers. Which of the following
best describes these network infrastructure layers?
A. The access layer connects the customer’s equipment to a service provider’s
aggregation network. Aggregation occurs on a core network. The metro layer
is the metropolitan area network. The core connects different metro networks.
B. The access layer connects the customer’s equipment to a service provider’s core
network. Aggregation occurs on a distribution network at the core. The metro
layer is the metropolitan area network.
C. The access layer connects the customer’s equipment to a service provider’s
aggregation network. Aggregation occurs on a distribution network. The metro
layer is the metropolitan area network. The core connects different access layers.
D. The access layer connects the customer’s equipment to a service provider’s aggregation network. Aggregation occurs on a distribution network. The metro layer is the metropolitan area network. The core connects different metro networks.

A

D. The access layer connects the customer’s equipment to a service provider’s
aggregation network. Aggregation occurs on a distribution network. The metro
layer is the metropolitan area network. The core connects different metro
networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Systems that are built on the OSI model are considered open systems. What does
this mean?
A. They do not have authentication mechanisms configured by default.
B. They have interoperability issues.
C. They are built with internationally accepted protocols and standards so they
can easily communicate with other systems.
D. They are built with international protocols and standards so they can choose what types of systems they will communicate with.

A

C. An open system is a system that has been developed based on standardized
protocols and interfaces. Following these standards allows the systems to
interoperate more effectively with other systems that follow the same standards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following protocols work in the following layers: application, data
link, network, and transport?
A. FTP, ARP, TCP, and UDP
B. FTP, ICMP, IP, and UDP
C. TFTP, ARP, IP, and UDP
D. TFTP, RARP, IP, and ICMP

A

C. These listed protocols work at these associated layers: TFTP
(application), ARP (data link), IP (network), and UDP (transport).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What takes place at the data link layer?
A. End-to-end connection
B. Dialog control
C. Framing
D. Data syntax

A

C. The data link layer, in most cases, is the only layer that understands the
environment in which the system is working, whether it be Ethernet, Token
Ring, wireless, or a connection to a WAN link. This layer adds the necessary
headers and trailers to the frame. Other systems on the same type of network
using the same technology understand only the specific header and trailer format
used in their data link technology.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What takes place at the session layer?
A. Dialog control
B. Routing
C. Packet sequencing
D. Addressing

A

A. The session layer is responsible for controlling how applications communicate,
not how computers communicate. Not all applications use protocols that work
at the session layer, so this layer is not always used in networking functions. A
session layer protocol sets up the connection to the other application logically
and controls the dialog going back and forth. Session layer protocols allow
applications to keep track of the dialog.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which best describes the IP protocol?
A. A connectionless protocol that deals with dialog establishment, maintenance,
and destruction
B. A connectionless protocol that deals with the addressing and routing of packets
C. A connection-oriented protocol that deals with the addressing and routing
of packets
D. A connection-oriented protocol that deals with sequencing, error detection,
and flow control

A

B. The IP protocol is connectionless and works at the network layer. It adds source
and destination addresses to a packet as it goes through its data encapsulation
process. IP can also make routing decisions based on the destination address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following is not one of the messages exchanged during the DHCP
lease process?
i. Discover
ii. Offer
iii. Request
iv. Acknowledgment
A. All of them are exchanged
B. None of them are exchanged
C. i, ii
D. ii, iii

A

B. The four-step DHCP lease process is
1. DHCPDISCOVER message: This message is used to request an IP address lease from a DHCP server.
2. DHCPOFFER message: This message is a response to a DHCPDISCOVER message, and is sent by one or numerous DHCP servers.
3. DHCPREQUEST message: The client sends this message to the initial DHCP server that responded to its request.
4. DHCPACK message: This message is sent by the DHCP server to the DHCP client and is the process whereby the DHCP server assigns the IP address lease to the DHCP client.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

An effective method to shield networks from unauthenticated DHCP clients is
through the use of __________ on network switches.
A. DHCP snooping
B. DHCP protection
C. DHCP shielding
D. DHCP caching

A

A. DHCP snooping ensures that DHCP servers can assign IP addresses to only
selected systems, identified by their MAC addresses. Also, advance network
switches now have the capability to direct clients toward legitimate DHCP servers
to get IP addresses and to restrict rogue systems from becoming DHCP servers
on the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following is not a characteristic of the IEEE 802.11a standard?
A. It works in the 5-GHz range.
B. It uses the OFDM spread-spectrum technology.
C. It provides 52 Mbps in bandwidth.
D. It covers a smaller distance than 802.11b.

A

C. The IEEE standard 802.11a uses the OFDM spread-spectrum technology,
works in the 5-GHz frequency band, and provides bandwidth of up to 54 Mbps.
The operating range is smaller because it works at a higher frequency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Wireless LAN technologies have gone through different versions over the years
to address some of the inherent security issues within the original IEEE 802.11
standard. Which of the following provides the correct characteristics of WPA2 in
Enterprise mode?
A. IEEE 802.1X, WEP, MAC
B. IEEE 802.1X, EAP, TKIP
C. IEEE 802.1X, EAP, WEP
D. IEEE 802.1X, EAP, CCMP

A

D. Wi-Fi Protected Access 2 requires IEEE 802.1X or preshared keys for
access control, Extensible Authentication Protocol (EAP) or preshared keys
for authentication, and the Advanced Encryption Standard (AES) algorithm in
counter mode with CBC-MAC Protocol (CCMP) for encryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which of the following is not a characteristic of Li-Fi networks?
A. Support for high client densities
B. High latency
C. Constrained coverage area
D. Can work on the infrared spectrum

A

B. Latency is the delay in data transfers, which is extremely low in Li-Fi networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How would you best ensure the security of a ZigBee system?
A. Ensure a coordinator acts as a Trust Center
B. Use 256-bit encryption keys
C. Deploy in a ring topology with preassigned slots for each device
D. Use the Symmetric-Key Key Establishment (SKKE) protocol to derive keys

A

A. Using a Trust Center provides a way to centrally authenticate devices and
securely manage encryption keys, which are 128 bits (not 256). Without a Trust
Center, the SKKE protocol can be used to derive keys, but this approach is not as
secure. ZigBee does not support ring topologies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following is a Bluetooth-specific attack that allows unauthorized
read/write access from a wireless device?
A. Bluejacking
B. Replay attack
C. Smurf attack
D. Bluesnarfing

A

D. Bluesnarfing could allow an attacker to read, modify, or delete calendar
events, contacts, e-mails, text messages, and so on. Bluejacking is the only other
Bluetooth attack option, but this refers to someone sending an unsolicited
message to a device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What does the IEEE 802.1X standard cover?
A. A Management Frame Protection (MFP) that prevents replay and denial-ofservice (DoS) attacks
B. Wi-Fi Protected Access 2 (WPA2)
C. Security extensions to the physical layer (PHY) and Media Access Control (MAC) sublayer of the data link layer in the OSI model
D. An access control protocol for user authentication and key distribution

A

D. 802.1X is an access control protocol that can be implemented on both wired
and wireless networks for user authentication and key distribution. MFP is
covered in 802.11w, WPA2 is covered in 802.11i, and the other option (security
extensions) was a distracter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Which of the following is not a disadvantage of satellite networks compared to
terrestrial ones?
A. Latency
B. Cost
C. Bandwidth
D. Video conferencing

A

C. If you have the budget for it, data rates on satellite networks are comparable
with other modes of communication. These systems, however, are typically more
expensive and have high latencies, which means they are not well suited for
time-sensitive applications, such as voice and video conferencing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Use the following scenario to answer Questions 8–10. You are planning an upgrade for
the wireless network at one of your manufacturing sites and want to use this as an
opportunity to improve network security. The current system is based on 10-year-old
wireless access points (WAPs) that implement 802.11g. You’re using WPA2 in Personal
mode because you have multiple Industrial Internet of Things (IIoT) devices. You can
update the firmware on the WAPs, but you really think it’s time for an upgrade.

  1. What could make it harder for you to switch from WPA2 Personal mode to
    Enterprise mode?
    A. Enterprise mode requires licenses that can be costly.
    B. The WAPs may not support Enterprise mode.
    C. IIoT devices may not support Enterprise mode.
    D. The return on investment is insufficient
  2. What is the best technology to which you should consider upgrading?
    A. IEEE 802.16
    B. IEEE 802.11w
    C. IEEE 802.11f
    D. IEEE 802.11ax
  3. The existing wireless network has recently become unusable, and you suspect you
    may be the target of a persistent Wi-Fi deauthentication attack. How can you
    best mitigate this threat?
    A. Deploy WPA3 access points across the facility
    B. Perform MAC address filtering to keep the rogue stations off the network
    C. Immediately update the firmware on the access points to support 802.11w
    D. Change the channel used by the WAPs
A
  1. D. If a WAP supports WPA2, it would do so in either Personal or Enterprise
    mode as long as it can be connected to the needed backend services (e.g., a
    RADIUS server), with no need for additional licensing. Thus, the change would
    not typically be expected to have ROI issues. However, many embedded devices,
    including IIoT, do not support this mode and would have to be replaced.
  2. D. 802.11ax is the only standard describing a WLAN among the list of
    options. 802.16 is used in metropolitan area networks (MANs). 802.11w covers
    Management Frame Protection (MFP) in wireless networks. 802.11f deals with
    users roaming among access points.
  3. C. 802.11w provides Management Frame Protection (MFP) capabilities that
    would mitigate this type of attack. This is included in WPA3, so either answer
    would generally work. However, it is probably faster, cheaper, and safer to roll
    out 802.11w upgrades first, which would likely have no negative effects on the
    networks, while research and planning continue on how to best implement a
    WPA3 solution across the enterprise. This is a good example of the types of
    ambiguous questions you’ll see on the CISSP exam.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which of the following provides secure end-to-end encryption?
A. Transport Layer Security (TLS)
B. Secure Sockets Layer (SSL)
C. Layer 2 Tunneling Protocol (L2TP)
D. Domain Name System Security Extensions (DNSSEC)

A

A. TLS and SSL are the only two answers that provide end-to-end encryption, but SSL is insecure, so it’s not a good answer.

20
Q

Which of the following can take place if an attacker is able to insert tagging
values into network- and switch-based protocols with the goal of manipulating
traffic at the data link layer?
A. Open relay manipulation
B. VLAN hopping attack
C. Hypervisor denial-of-service attack
D. DNS tunneling

A

B. VLAN hopping attacks allow attackers to gain access to traffic in various VLAN segments. An attacker can have a system act as though it is a switch. The system understands the tagging values being used in the network and the trunking protocols and can insert itself between other VLAN devices and gain access to the traffic going back and forth. Attackers can also insert tagging values to manipulate the control of traffic at this data link layer.

21
Q

Which of the following provides an incorrect definition of the specific component or protocol that makes up IPSec?
A. Authentication Header protocol provides data integrity, data origin authentication, and protection from replay attacks.
B. Encapsulating Security Payload protocol provides confidentiality, data origin
authentication, and data integrity.
C. Internet Security Association and Key Management Protocol provides a framework for security association creation and key exchange.
D. Internet Key Exchange provides authenticated keying material for use with
encryption algorithms.

A

D. Authentication Header protocol provides data integrity, data origin authentication, and protection from replay attacks. Encapsulating Security Payload protocol provides confidentiality, data origin authentication, and data integrity. Internet Security Association and Key Management Protocol provides a framework for security association creation and key exchange. Internet Key Exchange provides authenticated keying material for use with ISAKMP.

22
Q

Alice wants to send a message to Bob, who is several network hops away from her.
What is the best approach to protecting the confidentiality of the message?
A. PPTP
B. S/MIME
C. Link encryption
D. SSH

A

B. Secure Multipurpose Internet Mail Extensions (S/MIME) is a standard for
encrypting and digitally signing e-mail and for providing secure data transmissions
using public key infrastructure (PKI).

23
Q

Which technology would best provide confidentiality to a RESTful web service?
A. Web Services Security (WS-Security)
B. Transport Layer Security (TLS)
C. HTTP Secure (HTTPS)
D. Simple Object Access Protocol (SOAP)

A

C. Either TLS or HTTPS would be a correct answer, but since web services in general and RESTful ones in particular require HTTP, HTTPS is the best choice. Keep in mind that you are likely to come across similar questions where multiple answers are correct but only one is best. SOAP is an alternative way to deliver web services and uses WS-Security for confidentiality.

24
Q

Which of the following protections are provided by Domain Name System Security
Extensions (DNSSEC)?
A. Confidentiality and integrity
B. Integrity and availability
C. Integrity and authentication
D. Confidentiality and authentication

A

C. Domain Name System Security Extensions (DNSSEC) is a set of IETF
standards that ensures the integrity and authenticity of DNS records but not their
confidentiality or availability.

25
Q

Which approach provides the best protection against e-mail spoofing?
A. Internet Message Access Protocol (IMAP)
B. Domain-based Message Authentication, Reporting and Conformance (DMARC)
C. Sender Policy Framework (SPF)
D. DomainKeys Identified Mail (DKIM)

A

B. Domain-based Message Authentication, Reporting and Conformance (DMARC)
systems incorporate both SPF and DKIM to protect e-mail. IMAP does not have
any built-in protections against e-mail spoofing.

26
Q

Which of the following is a multilayer protocol developed for use in supervisory
control and data acquisition (SCADA) systems?
A. Controller Area Network (CAN) bus
B. Simple Authentication and Security Layer (SASL)
C. Control Plane Protocol (CPP)
D. Distributed Network Protocol 3 (DNP3)

A

D. DNP3 is a multilayer communications protocol designed for use in SCADA
systems, particularly those within the power sector

27
Q

All of the following statements are true of converged protocols except which one?
A. Distributed Network Protocol 3 (DNP3) is a converged protocol.
B. Fibre Channel over Ethernet (FCoE) is a converged protocol.
C. IP convergence addresses a specific type of converged protocols.
D. The term includes certain protocols that are encapsulated within each other

A

A. DNP3 is a multilayer communications protocol that was designed for use in
SCADA systems and has not converged with other protocols. All other statements
are descriptive of converged protocols.

28
Q

Suppose you work at a large cloud service provider that has thousands of customers
around the world. What technology would best support segmentation of your
customers’ environments?
A. Virtual local area network (VLAN)
B. Virtual eXtensible Local Area Network (VxLAN)
C. Software-defined wide area networking (SD-WAN)
D. Layer 2 Tunneling Protocol (L2TP)

A

B. Since there are thousands of customers to support, VxLAN is the best choice
because it can support over 16 million subnetworks. Traditional VLANs are
capped at just over 4,000 subnetworks, which would not be able to provide more
than a few segments to each customer.

29
Q

Which of the following is true of asynchronous transmission signals?
A. Used for high-speed, high-volume transmissions
B. Robust error checking
C. Used for irregular transmission patterns
D. More complex, costly implementation

A

C. Asynchronous communications are typically used when data transfers happen
at lower volumes and with unpredictable intervals. All other answers describe
synchronous signaling, which is best suited for regular, high-volume traffic.

30
Q

Which of the following technologies divides a communication channel into
individual and independent subchannels?
A. Baseband
B. Broadband
C. Circuit-switched
D. Crosstalk

A

B. A broadband technology divides the communication channel into individual
and independent subchannels so that different types of data can be transmitted
simultaneously. A baseband technology, on the other hand, uses the entire
communication channel for its transmission.

31
Q

What type of cabling would you use if you needed inexpensive networking in an
environment prone to electromagnetic interference?
A. Fiber-optic
B. Unshielded twisted pair (UTP)
C. Plenum
D. Coaxial

A

D. Coaxial cable has a copper core that is surrounded by a shielding layer and
grounding wire, which makes it more resistant to electromagnetic interference
(EMI). It is significantly cheaper than fiber-optic cable, which is the other
EMI-resistant answer listed, while still allowing higher bandwidths.

32
Q

Which of the following issues would be likeliest to cause problems in a cable tray
where large numbers of cables run in parallel and close proximity?
A. Thermal noise
B. Line noise
C. Crosstalk
D. Attenuation

A

C. Crosstalk is a phenomenon that occurs when electrical signals of one wire spill
over to the signals of another wire. The more cables you have in close proximity,
the worse this issue can be unless you use shielded cables.

33
Q

What problem is inevitable as the length of a cable run increases?
A. Thermal noise
B. Line noise
C. Crosstalk
D. Attenuation

A

D. Attenuation is the loss of signal strength as it travels. Regardless of which type
of cabling is used, attenuation is inevitable given a long enough distance, which is
why repeaters were invented

34
Q

What is the term for the maximum amount of data that actually traverses a given
network link?
A. Latency
B. Bandwidth
C. Throughput
D. Maximum transmission unit (MTU)

A

C. Data throughput is the actual amount of data that can be carried over a real
link. Bandwidth, on the other hand, is the amount of information that can
theoretically be transmitted over a link within a second.

35
Q

Which protocol ensures that frames being forwarded by switches do not circle
networks forever?
A. Open Shortest Path First (OSPF)
B. Border Gateway Protocol (BGP)
C. Intermediate System-to-Intermediate System (IS-IS)
D. Spanning Tree Protocol (STP)

A

D. Spanning Tree Protocol (STP) ensures that forwarded frames do not circle
networks forever, provides redundant paths in case a bridge goes down, assigns
unique identifiers to each bridge, assigns priority values to these bridges, and
calculates path costs. The other answers are all routing (layer 3) protocols

36
Q

Which standard specifically addresses issues in network access control?
A. IEEE 802.1Q
B. IEEE 802.1aq
C. IEEE 802.AE
D. IEEE 802.1X

A

D. The 802.1X protocol allows devices to connect in a very limited manner
(i.e., only to the network authenticator) until the device and/or user can be
authenticated. The other standards listed all pertain to layer 2 bridging and security

37
Q

Which of the following would not be considered an endpoint?
A. Point of sale (POS) terminal
B. Industrial control system (ICS)
C. Internet of Things (IoT) device
D. Multiprotocol Label Switching (MPLS) system

A

D. An endpoint is any computing device that communicates through a network
and whose principal function is not to mediate communications for other devices
on that network. MPLS functionality is built into networking devices to help
them move packets between endpoints more efficiently.

38
Q

All of the following are good reasons to implement a content distribution
network except for which one?
A. Reduced latency
B. Reduced total cost of ownership (TCO)
C. Protection against distributed denial-of-service (DDoS) attacks
D. Tailoring content to users around the world

A

B. A content distribution network (CDN) consists of multiple servers distributed
across a large region, each of which provides content that is optimized for users
closest to it. This improves latency and localization. The very distributed nature
of the CDN also provides DDoS protections. It all comes at significant costs and
increases the complexity of deploying systems and content, which may require
additional organizational resources apart from the service itself

39
Q

In which type of networks is the Signaling System 7 (SS7) protocol used?
A. Integrated Services Digital Network (ISDN)
B. IP telephony network
C. Real-time Transport Protocol (RTP) network
D. Public switched telephone network (PSTN)

A

D. The SS7 protocol is used in a PSTN to set up, control, and disconnect calls

40
Q

Which of the following is true about the Session Initiation Protocol (SIP)?
A. Used to establish virtual private network (VPN) sessions
B. Framework for authenticating network connections
C. Session layer protocol for out-of-band statistics
D. Application layer protocol used in online gaming communications

A

D. SIP is an application layer protocol used for call setup and teardown in
IP telephony, video and multimedia conferencing, instant messaging, and online
gaming.

41
Q

Which of the following is not considered a best practice for securing multimedia
collaboration platforms?
A. Don’t record meetings unless necessary
B. Use consumer-grade products
C. Use AES 256-bit encryption
D. Restrict participants’ sharing of their screens or cameras as appropriate

A

B. Consumer-grade products almost always lack the security controls and
management features that we need to properly secure multimedia collaboration
platforms.

42
Q

How could you best protect a unified communications (UC) platform?
A. Protect it as you would any other systems
B. Enable Password Authentication Protocol (PAP)
C. Use the Session Initiation Protocol (SIP) for every new session
D. Ensure the hub is protected against physical and logical threats

A

D. Securing UC involves similar security controls that we would apply to
any other communications platform, but with a couple of important caveats.
Unified communications rely on a central hub that integrates, coordinates,
and synchronizes the various technologies. You want to ensure that this hub is
adequately protected against physical and logical threats.

43
Q

Use the following scenario to answer Questions 1–3. You are the CISO of a research and
development company that is transitioning to a 100 percent remote workforce, so your
entire staff will be working from home. You don’t have enough laptops for all your staff,
so those without one will be using their personal computers and printers for work. Your
VPN concentrators are sufficient to support the entire workforce, and you will be requiring all staff members to connect to the VPN.
1. Which authentication protocol would be best for your VPN connections?
A. Password Authentication Protocol (PAP)
B. Challenge Handshake Authentication Protocol (CHAP)
C. Extensible Authentication Protocol (EAP)
D. Session Initiation Protocol (SIP)

  1. Which of the following additional VPN configurations should you also enable?
    A. Split tunneling
    B. Full tunneling
    C. VPN kill switch
    D. Hybrid tunneling
  2. Which of the following will best protect the confidentiality of your sensitive
    research data?
    A. Secure Shell (SSH)
    B. Virtualized networks
    C. Virtual desktop infrastructure (VDI)
    D. Remote Procedure Calls (RPC)
A
  1. C. EAP is considered much more secure than both PAP (which is not secure at all)
    and CHAP. SIP does not provide authentication mechanisms at all.
  2. A. Because your staff will be using printers on their home networks, you will have to enable split tunneling, which allows some traffic to be sent over the VPN and
    other traffic to go to the local network or to the Internet directly.
  3. C. VDI allows your sensitive data to remain in your protected network even as
    users are able to work with it over a virtual desktop. Properly configured, this
    infrastructure prevents any sensitive research data from being stored on the
    remote user’s computer.
44
Q

During a recent review of your enterprise architecture, you realize that many
of your mission-critical systems rely on Remote Procedure Call (RPC). What
measures should you take to ensure remote procedure calls are secured?
A. Implement ITU standard H.323
B. Tunnel RPC through Transport Layer Security (TLS)
C. Use the Password Authentication Protocol (PAP) for authentication
D. Enforce client-side authentication

A

B. Since many implementations of RPC lack security controls, many organizations
require TLS for authenticating hosts and encrypting RPC traffic.

45
Q

Which of the following is not an advantage of virtual desktops?
A. Reduced user downtime during incident response
B. Support for both persistent and nonpersistent sessions
C. Support for both physical and remote logins
D. Better implementation of data retention standards

A

C. VDI is particularly helpful in regulated environments because of the ease
with which it supports data retention, configuration management, and incident
response through persistent and nonpersistent sessions. However, since VDI
relies on VMs in a data center, there is not a computer at which a user could
physically log in

CISSP All-in-One Practice Question (4 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions