Re: Question Comments added by User

16 views
Skip to first unread message

CCCure Support

unread,
Mar 7, 2020, 9:00:58 AM3/7/20
to CISSPtalks
Good morning, Akif,

There are two terms that you MUST be familiar with when referring to access control:  SUBJECT and OBJECT

A subject is an active entity access an object.  The most common object is a user but it could be a process, an application, or any other entity access data.

An object is a passive entity containing data.  It can be a file, it can be a record within a database, it can be a print queue, etc...

So in this case, the keyword to make sense of this question is the word object. 

Best regards

Clement


On Sat, Mar 7, 2020 at 1:38 AM The CCCure Quiz Engine <sup...@cccure.com> wrote:

Hi Admin,

Below are the detail of question comments added by users:

Name: Akif

QuestionName: What security problem is most likely to exist if an operating system permits objects to be used sequentially by multiple users without forcing a refresh of the objects?
Scenario Question ID: 0
Question ID: 1423

Subject: CISSP (Latest CBK) Online Quiz Comment

Comments: you never mentioned in question it is asking about MEDIA ?

Thanks.



--

---------------------------------------------------------------------------------------------

Clement Dupuis, CD
CCCure Owner and Founder
Chief Learning Officer (CLO) and Security Evangelist
The CCCure Family of Portals
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

For support or queries send an email to:  Sup...@CCCure.Com

----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Learning Portal  -  Find the best Security Tutorials

The CCCure Quiz Engine
 
Knowledge sharing and giving back to the community

Clement Dupuis

unread,
Mar 7, 2020, 9:08:02 AM3/7/20
to cissp...@googlegroups.com
Good morning to all,

I hope you are all doing great in your CISSP Studies.

I did a couple of typo in my previous message:

Where it says: A subject is an active entity access an object.  The most common object is a user but it could be a process, an application, or any other entity access data.

It should have been:
A subject is an active entity accessing an object.  The most common object is a user but it could be a process, an application, or any other entity accessing data.

I guess I need to drink another coffee....

Best regards

Clement


--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/CAA3tmKsymSBGuUsi%3DXuKYtxFn4yLgpEYg138F9ZfYNh6tUaang%40mail.gmail.com.

CCCure Support

unread,
Mar 7, 2020, 7:15:08 PM3/7/20
to CISSPtalks
Good day, Akif,

Thanks for your comment on this question.

You must clearly understand what is the difference between DRP and BCP.

The Disaster Recovery Plan (DRP) provides procedures for relocating information systems operations to an alternate location. It is Activated after major system disruptions with long-term effects It is an  Information system focused plan that activates one or more Information System Continuity Plans (ISCPs) for recovery of individual systems.

The Business Continuity Plan (BCP) provides procedures for sustaining mission/ business operations while recovering from a significant disruption.  The plan addresses mission/ business processes at a lower or expanded level from COOP Mission Essential Functions (MEFs).  It is a Mission/ business process-focused plan that may be activated in coordination with a COOP plan to sustain non-MEFs

For more details see:
Warsinske, John. The Official (ISC)2 Guide to the CISSP CBK Reference (Kindle Locations 2925-2928). Wiley. Kindle Edition.
Warsinske, John. The Official (ISC)2 Guide to the CISSP CBK Reference (Kindle Locations 2947-2950). Wiley. Kindle Edition.

This question clearly mentioned Business Function which is part of BCP and not DRP.

If the question would have referred to System then DRP would have been the best answer.

Best regards

Clement


On Sat, Mar 7, 2020 at 4:55 PM The CCCure Quiz Engine <sup...@cccure.com> wrote:

Hi Admin,

Below are the detail of question comments added by users:

Name: Akif

QuestionName: Which of the following focuses on sustaining an organization's business functions during and after a disruption?
Scenario Question ID: 0
Question ID: 1028

Subject: CISSP (Latest CBK) Online Quiz Comment

Comment from quiz user: when disaster kicks in then we follow DRP not BCP ?

Thanks.

Reply all
Reply to author
Forward
0 new messages