ISC Updated CISSP Exam Questions and Answers by neave

An authorization check is a component of a web application that stores the session state in a cookie that can be bypassed by an attacker. An authorization check verifies that the user has the appropriate permissions to access the requested resources or perform the desired actions. However, if the session state is stored in a cookie, an attacker can manipulate the cookie to change the user’s role or privileges, and bypass the authorization check. Therefore, it is recommended to store the session state on the server side, or use encryption and integrity protection for the cookie. References: Official (ISC)2 CISSP CBK Reference, Fifth Edition, Domain 8: Software Development Security, p. 1015; CISSP All-in-One Exam Guide, Eighth Edition, Chapter 8: Software Development Security, p. 503.

The capabilities of the system that allow its business users to perform business functions but not user administration functions, and its application administrators to perform administration functions but not user business functions, are best described as separation of duties. Separation of duties is a security principle that divides the roles and responsibilities of different tasks or functions among different individuals or groups, so that no one person or group has complete control or authority over a critical process or asset. Separation of duties can help to prevent fraud, collusion, abuse, or errors, and to ensure accountability, oversight, and checks and balances. Least privilege, rule based access controls, and Mandatory Access Control (MAC) are not the best descriptions of the capabilities of the system, as they do not reflect the division of roles and responsibilities among different users or groups. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 1, Security and Risk Management, page 32. Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 1, Security and Risk Management, page 45.

The most beneficial phase for security personnel involvement in the Systems Development Life Cycle (SDLC) process is the requirements definition phase. This is the phase where the security personnel can identify and analyze the security needs, objectives, and constraints of the system, and define the security requirements and specifications that the system must meet. By involving security personnel in this phase, the organization can ensure that security is integrated into the system design from the beginning, and avoid costly or complex changes or fixes later in the SDLC process. The other options are not as beneficial as the requirements definition phase, as they either involve security personnel too late in the SDLC process (A, B, and D), or do not address the security needs and objectives of the system (D). References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 8, page 459; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 8, page 551.

The best reason to review audit logs periodically is to identify anomalies in use patterns that may indicate unauthorized or malicious activities, such as intrusion attempts, data breaches, policy violations, or system errors. Audit logs record the events and actions that occur on a system or network, and can provide valuable information for security analysis, investigation, and response. The other options are not as good as identifying anomalies, as they either do not relate to security (B), or are not the primary purpose of audit logs (A and D). References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 7, page 405; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 7, page 465.