Is patch management not a subset of vulnerability management? Hence the answer should be the latter.
Yes. Coffee shots are helpful and provoke our thinking.
Please continue the efforts for all the students and hopefully your passion.
Thank you for the wonderful video.
Regarding the SQL injection and cross-site scripting attacks question, a WAF can effectively prevent them as it also provides input validation. It's one of many reasons why we implement a WAF, but your explanation said that a WAF can't do input validation and that option C, Input Validation and Output Encoding, is the best choice. Could you help explain more, Prabh?
Can you help me with the question at 11:43... @PrabhNair1
I have the same question. These types of attacks are literally the reason why WAFs are implemented, so I'm trying to understand why you are saying that having a WAF in front of the application still allows you to do SQL injection, for example. I need some valid explanation of why option C is better than A. Thanks.
@c4stielro Not only that, but doesn't "coding is done" imply that we are past the stage where we CODE input validation and output encoding? If I saw this question on the test I would also pick WAF. Love these videos regardless.
Based on my work experience, I would believe that the correct answer to question 1 is Vulnerability Management.
I have already seen a lot of changes for patch management that were set to "implemented" and "successful", yet some servers were not patched.
Then this gets picked up by vulnerability reports and we inform the engineers to urgently patch the servers that were missed.
Or should we ignore work experience when taking the CISSP and assume that patch management also includes the engineers actually checking that all servers are patched?
VM is included in PM.
Thanks Prabh bhai. We need more of these.
Thank you so much for taking your own time to do this. These are fantastic. Please do more.
Thanks Prabh. I would welcome more scenario based coffee shots.
Excellent!
Thanks a lot, Prabh, for these shots. Excellent. Regarding the question related to symmetric and asymmetric, the answer 'Both' is right only because the question says that they are considering using symmetric and asymmetric. If that was not mentioned, then it would have been just asymmetric, because out of three answers we cannot choose both. Hope my understanding is correct.
Great job sir Prabh.
Love you Prabh. You are a star :) Thank you.
Amazing content you bring up for the welfare of certification aspirants 👏👏👏
This is gold
I cannot agree with the answer to Question 1; it should be Vulnerability Management.
B. Vulnerability Management: This is the most comprehensive and forward-looking option. A robust vulnerability management program encompasses the identification, prioritization, and remediation of vulnerabilities, including patching legacy systems. It addresses the root cause (unpatched systems) and provides a framework to prevent similar issues in the future.
Thanks for your efforts this was great 👍
WAF can do input validation
I believe Incident Management Plan should be enabled which will cover Patch management and vulnerability management...
Yes, I do agree that patch management is to be done urgently so that the breach may spread to other domains also. But I feel incident management has a key role to play. The same thing could appear with another customer's portal also. Please clear my doubt.
Patch management is a solution which is driven by change and incident management.
You are a gem ♦
Thank you very much sir..
Thank You!
Hi Prabh,
Data Loss Prevention (DLP) and Mobile Device Management (MDM) are two distinct technologies that serve different purposes. DLP is a security solution that helps organizations prevent data leakage by monitoring, detecting, and blocking sensitive data from leaving the organization’s network. On the other hand, MDM is a device management solution that helps organizations manage and secure mobile devices such as smartphones, tablets, and laptops.
MDM solutions include features such as device configuration, secure app distribution, and remote wipe, while DLP solutions include features such as data classification, encryption, and access controls.
Therefore, DLP is not part of an MDM solution.
Please help to clarify.
Can you help me with questions and timestamp
Intune, an MDM solution, has many DLP features. Don't take my word for it; google Intune DLP features.
Can't even finish reading this scenario, much less in the exam 🤠
The WAF question is a bit confusing.
NAC checks the status of devices before allowing them to connect to the network, i.e. it checks security policy, malware status, etc. Don't you think in the last question NAC may be a better solution? Secondly, I thought MDM was for mobile smartphone devices. BYOD can be a laptop as well. I might be wrong; kindly explain if possible.
NAC will work till the enterprise, not beyond.
Yes please
Cannot agree with the answer to Question 3.
Given that the coding phase is complete, the choice depends on whether the organization is willing to revisit the code:
If revisiting the code is feasible:
c) Input validation and output encoding remain the best recommendation, as they directly address the vulnerabilities and provide long-term security.
If revisiting the code is not feasible (due to time or resource constraints):
a) Web Application Firewall (WAF) becomes the next best option as a compensating control to protect the application against these attacks at runtime.
Now, assessing as a "Security Professional", you are recommending going back to the development phase?
Hi Prabh,
How can we identify the vulnerability if there is no vulnerability management? Patch management is something not done by the security team but by the IT team, right? So can the answer be Vulnerability Management? That comes first, I believe.
As you can read, they already know the breach occurred due to "a vulnerability they did not patch well", so I'm thinking that if they've done this manually, it could lead to this very problem, hence the importance of patch management.