Contingency planning requirements should be considered at every phase of SDLC, but most importantly when a new IT system is being conceived. In the initiation phase, system requirements are identified and matched to their related operational processes, allowing determination of the system's appropriate recovery priority. Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2001 (page 12). and The Official ISC2 Guide to the CBK, Second Edition, Application Security, page 180-185

One of the reasons why mobile devices are difficult to investigate in a forensic examination is that they may contain cryptographic protection. Cryptographic protection is the use of encryption, hashing, or digital signatures to protect the confidentiality, integrity, or authenticity of data stored or transmitted on a device.
Mobile devices, such as smartphones, tablets, or laptops, may use cryptographic protection to secure the data on the device, such as contacts, messages, photos, or documents, or the data in transit, such as emails, chats, or web browsing. Cryptographic protection can pose a challenge for forensic investigators, as they may need to obtain the keys, passwords, or biometrics to access the encrypted or signed data, or they may need to use specialized tools or techniques to bypass or break the cryptographic protection. Cryptographic protection can also affect the admissibility or reliability of the forensic evidence, as it may require additional verification or validation. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 7: Security Operations, page
358; [Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 7: Security Operations, page 483]

Explanation/Reference:
Explanation:
Link encryption encrypts all the data along a specific communication path, as in a satellite link, T3 line, or telephone circuit. Not only is the user information encrypted, but the header, trailers, addresses, and routing data that are part of the packets are also encrypted. The only traffic not encrypted in this technology is the data link control messaging information, which includes instructions and parameters that the different link devices use to synchronize communication methods. Link encryption provides protection against packet sniffers and eavesdroppers.
Link encryption, which is sometimes called online encryption, is usually provided by service providers and is incorporated into network protocols. All of the information is encrypted, and the packets must be decrypted at each hop so the router, or other intermediate device, knows where to send the packet next.
The router must decrypt the header portion of the packet, read the routing and address information within the header, and then re-encrypt it and send it on its way.
Incorrect Answers:
A: It is true that link encryption encrypts all the data along a specific communication path.
B: It is true that link encryption provides protection against packet sniffers and eavesdroppers.
C: It is true that user information, header, trailers, addresses and routing data that are part of the packets are encrypted.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 845-846

A formal review of any Disaster Recovery Plan (DRP) should be conducted at a minimum annually, or more frequently if there are significant changes in the business environment, the IT infrastructure, the security threats, or the regulatory requirements. A formal review involves evaluating the DRP against the current business needs, objectives, and risks, and ensuring that the DRP is updated, accurate, complete, and consistent. A formal review also involves testing the DRP to verify its effectiveness and feasibility, and identifying any gaps or weaknesses that need to be addressed12. References: 1: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 10, page 10352: CISSP For Dummies, 7th Edition, Chapter 10, page 351.

The correct answer describes the proper sequence of operating on the message and has the correct value of 160 bits for the SHAmessage digest. At the receiving end, the message is fed into the SHA, and the result is compared to the received message digest to verify the signature. *Answer "A message of < 264 bits is input to the DSA, and the resultant message digest of 160 bits is fed into the Secure Hash Algorithm (SHA), which generates the digital signature of the message" is incorrect since the order of the DSA and SHA are in reverse sequence from the correct order of their application.
*Answer "A message of < 264 bits is input to the Secure Hash Algorithm (SHA),
and the resultant message digest of 128 bits is fed into the DSA,
which generates the digital signature of the message." is incorrect since it has the incorrect value
of 128 bits for the message digest produced by the SHa.
*Answer "A message of < 264 bits is input to the Secure Hash Algorithm (SHA),
and the resultant message digest of 160 bits is used as the digital
signature of the message" is incorrect since the message digest has to be fed into the DSA to
generate the digital signature of
the message.