During a forensic investigation, you discover a file named "passwords.txt" on a compromised workstation. It appears to contain a list of usernames and passwords. What is the MOST important step to take regarding this file? a) Open the file to verify the contents and determine the scope of the potential breach. b) Immediately delete the file to prevent further unauthorized access. c) Securely copy the file to a separate forensic workstation for analysis, ensuring chain of custody. d) Encrypt the file in place and notify the system administrator to change all listed passwords.

A recent security audit is reporting several unsuccessful login attempts being repeated at specific times during the day on an Internet facing authentication server. No alerts have been generated by the security information and event management (SIEM) system . What PRIMARY action should be taken to improve SIEM performance? A. Implement role-based system monitoring B. Audit firewall logs to identify the source of login attempts C. Enhance logging detail D. Confirm alarm thresholds

An organization is implementing a new authentication system that requires strong security and non-repudiation. Which of the following authentication methods BEST fulfills these requirements? A) Using passwords with complex password policies and regular password changes B) Implementing multi-factor authentication (MFA) using one-time passwords (OTPs) sent via SMS C) Employing digital certificates with a public key infrastructure (PKI) D) Utilizing biometric authentication based on fingerprint scanning

Hello all happy to share that I took CISSP exam for the first time today and cleared it Thank you all for your advice and best practice recommendations- helped me tremendously

Domain 1: Security and Risk Management What is the PRIMARY purpose of a business impact analysis (BIA) in a risk management program? A. To identify critical business processes and the impact of disruptions B. To calculate the likelihood of potential threats occurring C. To implement countermeasures for all identified risks D. To evaluate the effectiveness of the incident response team