Tips & Tricks: CISM Exam Cheat Sheet Crack Your CISM Exam & Pass It In The First Attempt! Wanna crack your CISM exam and pass it on the first attempt? Find out how.
Comments: 33
@itgma_keithape 2 months ago
Official answer to Question 1 is Change Management according to the QAE book. “Patch management involves the correction of software weaknesses and would necessarily follow change management procedures. Change management controls the process of introducing changes to systems and controlling unauthorized changes to production, which are often the points at which weaknesses will be introduced.”
@gayansahabandu2799 3 years ago
In Question 1 it says most effective way of preventing a weakness from being "introduced"; what patch management would do is plug weaknesses already operational inside your system, i.e. you would run a win 2018 server and the latest patch update or hot fix would patch the weakness already inside that server (which has already been exploited by the hackers; now Microsoft has plugged that gap). Meaning without that patch, the server would run with that weakness in place, hence the weakness is already introduced / existing. Effective change management, on the other hand, would check what potential weaknesses can be introduced as a result of new proposed changes, i.e. if the latest proposed change to your file server requires the use of SMB version 1, an effective change management system would detect this and prevent those new changes from being applied; hence, it has prevented a new weakness being "introduced" into the existing production system.
@dxbtalal 2 years ago
Yes, really one of the worst videos.. in the start it's like shit shit.. but that's okay, but the 1st question answer is wrong. And I just stopped it... don't watch it.. title should be how to fail in CISM exam
@olublessed3044 2 years ago
I agree with your answer. The key word there is "weakness being introduced into an existing" system and that comes through a set of changes which would be properly detected through change mgt. Patch is for "weakness already within the system", NOT being introduced.
@dinesh2386 2 years ago
Answer for Q1 is B: Change Management. Source: official ISACA Q&A
@borufkaz 1 year ago
Yes. This was my choice too :D
@justindelpero 1 year ago
Thank you, was worried I'd lost my mind.
@rizki6271 3 years ago
Thanks, Mr. Semi, this is very helpful :)
@VIJAYVASOYA 3 years ago
Thank You
@SemiYulianto 3 years ago
You're welcome :)
@gayansahabandu2799 3 years ago
Hi, in Question 8, even though the security best practice answer would be number of admins, in the practical world, using WEP encryption with a short bit rate would always guarantee your wifi getting hacked by a wifi hacking tool. Please do some research and see how many tools you can find to crack a WEP wifi system, it's so easy. So, it doesn't matter if you have only one or 10 admins with weak or strong passwords. If I am a hacker, if my initial scan finds WEP being used on your wifi, I would not bother going after the admin password at all. Answer B says number of administrators; it doesn't say password strength of the administrators. So you could have 100 administrators, but what if they are all using good passwords? From a hacker's point of view, in a wifi, unlike trying to hack a system or a website, the initial wifi scan would reveal the type of encryption it uses; hence if WEP is used, it's very easy to hack and guaranteed, and it takes less time than going after a brute force attack on the admin's password.
@Kendysukardi 2 years ago
Thanks, sir
@kssaz3578 3 years ago
Good and sincere advice - more questions would have been good...!
@modar30 3 years ago
I agree... The answer should be B. Change management..... But if ISACA meant vulnerabilities by 'weaknesses' then ya it is patch mngmnt
@andyas7957 3 years ago
Thanks, Mr. Semi...
@SemiYulianto 3 years ago
You're welcome :)
@briancook6158 1 year ago
I disagree with number 7. The first thing you do with an infected machine is to get it off the network asap. Then you make a copy of it for potential litigation and criminal investigation. Then you rebuild it but you have to determine how it got hacked so it doesn’t just happen again.
@cabraldegah6997 5 months ago
No, he’s right: Disconnecting the mail server from the network is an initial step, but does not guarantee security. Rebuilding the system from the original installation medium is the only way to ensure all security vulnerabilities and potential stealth malicious programs have been destroyed. 😊
@briancook6158 5 months ago
Okay and while you are brainstorming how you're going to rebuild it the attacker is moving laterally across the network and escalating privs.
@Bob-hk9mx 3 years ago
Please make a video on ecptxV2 exam guide.
@SemiYulianto 3 years ago
OK, perhaps next time 😁
@cabraldegah6997 5 months ago
I disagree with Q1; the right answer isn’t patch management, it is B, which is change management. Change management controls the process of introducing changes to systems. This is often the point at which a weakness will be introduced. Patch management involves the correction of software weaknesses and would necessarily follow change management procedures.
@itgma_keithape 2 months ago
You’re correct. Official answer in the QAE is change management. “Patch management involves the correction of software weaknesses and would necessarily follow change management procedures. Change management controls the process of introducing changes to systems and controlling unauthorized changes to production, which are often the points at which weaknesses will be introduced.”
@briancook6158 1 year ago
I also disagree with number 8. I’d rather have ten admins running WPA2 than one admin running WEP.
@HarryPotter-li3hs 3 years ago
Sir, I'd like to request a video tutorial on web instant messaging forensics using Autopsy. Thank you
@amarullohripai3745 3 years ago
Bump, bro
@muhammadarkarrozi2961 3 years ago
Sir, please cover how to use skipfish :)
@showniels 3 years ago
Your answer on question 1 is definitely wrong :)
@blaisentwali2679 2 years ago
The answer should be B: Change Management.
@dxbtalal 2 years ago
@blaisentwali2679 just reached Q4.. that is also wrong
@borufkaz 1 year ago
@dxbtalal should be about resesigning right?
@mauztest2450 1 year ago
Can you please add more ads between the questions?😂
@peptechtalks 10 months ago
Humble request: please do not share wrong answers, as this misguides and discourages students. The Q1 answer mentions "MOST" as the keyword, which means it must be a regular practice. Also, change management is a preventive control and detective control, so this makes it closer to being the correct answer.