A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence?
Put the device in airplane mode
Suspend the account with the telecommunication provider
Remove the SIM card
Turn the device off
The Answer Is: A
Explanation:
The best of the listed methods is to put the powered-on device in airplane mode. Airplane mode disables the device's radios (cellular, Wi-Fi, Bluetooth and, on many devices, GPS), so the device can no longer be reached over any network and a remote wipe, remote lock, cloud synchronization or incoming message can no longer alter or destroy the data on it. Because the device stays powered on, its current state is preserved: the contents of volatile memory, the unlocked state of an encrypted file system, running applications, timestamps and pending notifications all remain available to the examiner. Airplane mode also removes any need to intercept or monitor the device's traffic, which would raise legal questions of its own. The examiner should document the time and method of isolation, keep the device charged, and in practice also place it in a Faraday bag or shielded enclosure, since airplane mode relies on the device's own software to keep the radios off and some devices let Wi-Fi or Bluetooth be re-enabled while in that mode.
The other options are possible but inferior. Suspending the account with the telecommunications provider cuts off cellular service only: the device can still reach Wi-Fi or Bluetooth, the change depends on a third party and takes time, and the request may alert the user. Removing the SIM card likewise isolates only the cellular radio, leaves Wi-Fi and Bluetooth active, and risks altering the data on the SIM itself (contacts, messages and network identifiers). Turning the device off isolates it from every network, but it destroys the contents of volatile memory and, on an encrypted device, discards the decryption keys held in RAM, so the device comes back up locked and the examiner may no longer be able to reach the data at all.
Which of the following methods of suppressing a fire is environmentally friendly and the MOST appropriate for a data center?
Inert gas fire suppression system
Halon gas fire suppression system
Dry-pipe sprinklers
Wet-pipe sprinklers
The Answer Is: A
Explanation:
An inert gas system is the most environmentally friendly of the options and the most appropriate for a data center. Inert gas agents are nitrogen and argon, used alone or blended (for example IG-55 and IG-541), and they extinguish a fire by displacing oxygen until its concentration in the room drops below the level that supports combustion, typically to about 12 to 14 percent. These gases are drawn from the atmosphere, produce no toxic decomposition products, have no ozone depletion potential and no global warming potential, and leave no residue, so they do not damage electronic equipment or require cleanup. At design concentrations the room remains survivable for the time needed to evacuate, although the discharge should still be preceded by an alarm and the room must be sealed well enough to hold the agent. Carbon dioxide is sometimes listed alongside the inert gases, but at extinguishing concentrations it is lethal, so CO2 total-flooding systems are not suitable for occupied data center space.
Halon (for example Halon 1301) is a halogenated agent that interrupts the chemical chain reaction of combustion. It was the traditional computer-room agent because it works at low concentrations and leaves no residue, but it is a potent ozone-depleting substance whose production was banned under the Montreal Protocol, and it decomposes in a fire into toxic hydrogen halides. Existing halon systems are being decommissioned and can only be recharged from recycled stock, so it is neither environmentally acceptable nor a sound choice for a new data center.
Dry-pipe sprinklers hold pressurized air or nitrogen in the pipes and admit water only when a sprinkler head opens; this reduces leaks and freezing risk but still ends with water on energized equipment. Wet-pipe sprinklers keep water in the pipes at all times and discharge as soon as a head fuses. The water itself is not an environmental problem, but it conducts electricity and ruins servers and storage even when the fire is small, and both types can leak or discharge accidentally. In a data center, sprinklers are a code-required backstop that protects the building rather than the preferred primary suppression method, and a dry-pipe or pre-action system is chosen over wet-pipe only to reduce the chance of accidental water release.
Which security access policy contains fixed security attributes that are used by the system to determine a user’s access to a file or object?
Mandatory Access Control (MAC)
Access Control List (ACL)
Discretionary Access Control (DAC)
Authorized user control
The Answer Is: A
Explanation:
Mandatory Access Control (MAC) is the policy in which the system, not the owner of the object, decides access by comparing fixed security attributes: a security label on each object and a clearance on each subject. These attributes are assigned by the security administrator according to organizational policy, and ordinary users cannot change or override them. That is what distinguishes MAC from Discretionary Access Control (DAC), where the owner of an object grants permissions at will, and from an Access Control List (ACL), which is only a mechanism for storing those discretionary permissions on an object. "Authorized user control" is not a recognized access control model.
MAC is typical of military and government environments where data is classified (for example top secret, secret, confidential, unclassified) and users hold clearances based on background investigation and need to know. The classic formalization is the Bell-LaPadula confidentiality model. A subject may read an object only if the subject's clearance dominates the object's label, that is, the clearance level is the same or higher and its categories include all of the object's categories: "no read up" (the simple security property). A subject may write to an object only if the object's label dominates the subject's clearance: "no write down" (the *-property), which prevents classified data from being copied into a less sensitive container. MAC thereby protects confidentiality and supports auditing and compliance, at the cost of flexibility.
The system enforces this with two fixed elements:
Security labels attached to subjects and objects, each consisting of a classification level and a set of categories (compartments) that describe the subject matter, such as nuclear, military or intelligence. Labels are stored as protected metadata and cannot be altered or removed by the users whose access they govern.
A reference monitor, the component that mediates every access request, which compares the subject's clearance with the object's label and grants or denies the request according to the dominance rules above. Unlike DAC, which is represented as an access control matrix or per-object ACLs, MAC needs no per-object permission list: the decision follows from the two labels and the policy alone.
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
To ensure Information Technology (IT) staff knows and performs roles assigned to each of them
To validate backup sites’ effectiveness
To find out what does not work and fix it
To create a high level DRP awareness among Information Technology (IT) staff
The Answer Is: C
Explanation:
The main reason for testing a DRP is to find out what does not work and fix it. Testing exposes gaps, errors, outdated contact details, unrealistic recovery-time assumptions and missing dependencies before a real disaster does, and it confirms that the plan is feasible, effective and aligned with the organization's objectives and requirements. Exercises also train IT staff in their roles, validate the backup site and raise awareness, but those are secondary benefits of testing rather than its primary purpose. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 9: Business Continuity and Disaster Recovery Planning, page 1019; Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 8: Security Operations, page 1020.
A minimal implementation of endpoint security includes which of the following?
Trusted platforms
Host-based firewalls
Token-based authentication
Wireless Access Points (AP)
The Answer Is: B
Explanation:
A minimal implementation of endpoint security includes a host-based firewall. Endpoint security is the protection of the devices that connect to a network (laptops, smartphones, tablets, servers) against malicious attack and unauthorized access, using controls such as anti-malware, disk encryption, authentication, patch management and device control. The host-based firewall is the baseline network control on the device itself: software that inspects the inbound and outbound traffic of that one host and allows or blocks it according to a rule set, normally default-deny inbound with explicit allow rules for the services the host is meant to expose. It blocks port scans, unsolicited connections and many worm-style attacks even when the host is behind a perimeter firewall, keeps the policy with the device wherever it connects (a laptop on hotel Wi-Fi keeps the same protection), limits lateral movement between hosts on the same segment, and yields a log of blocked connection attempts that feeds monitoring. Every mainstream operating system ships with one (Windows Defender Firewall, iptables/nftables, pf), so enabling it with a default-deny inbound policy is the least that any endpoint baseline should require.
The other options are related but are not the minimal requirement. Trusted platforms (TPM, secure boot, measured boot, trusted execution environments) give a device a hardware root of trust for protecting keys, verifying boot integrity and supporting remote attestation; they protect the integrity of the platform rather than filtering its network exposure, and they are not present on every class of device. Token-based authentication (smart cards, one-time password generators, authenticator apps) strengthens the verification of the user's identity and enables multi-factor authentication, but it protects the credential rather than the device and needs supporting infrastructure. Wireless access points are network infrastructure, not endpoint controls: they are installed and configured outside the device, and a badly configured AP introduces risks of its own (rogue access points, weak encryption, unauthorized association).
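The following is an added example, not part of the exam material above, showing what "filter traffic according to a rule set" means on a host: first matching rule wins, unmatched inbound traffic is denied, and a rule ordering mistake can silently shadow a later deny. The rule syntax, the addresses, the ports and the sample connection attempts are all constructed for the illustration (IPv4 only); no real firewall product uses exactly this grammar.

```python
"""Host-based firewall policy evaluator: first match wins, default-deny inbound.

Added illustration, not code from any firewall product. The rule syntax,
addresses, ports and sample connection attempts are all constructed for the
example (IPv4 only).
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    direction: str                  # "in" or "out"
    proto: str                      # "tcp", "udp" or "any"
    remote: ipaddress.IPv4Network   # remote address range the rule covers
    port: Optional[int]             # local port for "in", remote port for "out"; None = any


@dataclass(frozen=True)
class Packet:
    direction: str
    proto: str
    remote_ip: str
    port: int


def parse_rule(text: str) -> Rule:
    """Parse one rule line, e.g. 'allow in tcp from 10.0.0.0/24 port 22'."""
    parts = text.split()
    if len(parts) != 7 or parts[3] != "from" or parts[5] != "port":
        raise ValueError(f"malformed rule: {text!r}")
    action, direction, proto, _, remote, _, port = parts
    if action not in ("allow", "deny") or direction not in ("in", "out"):
        raise ValueError(f"malformed rule: {text!r}")
    return Rule(action, direction, proto,
                ipaddress.ip_network(remote, strict=False),
                None if port == "any" else int(port))


def matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.direction == pkt.direction
            and rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.remote_ip) in rule.remote
            and (rule.port is None or rule.port == pkt.port))


def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[str, Optional[Rule]]:
    """The first matching rule decides. Unmatched inbound traffic is denied and
    unmatched outbound traffic allowed, the usual default for a host firewall."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action, rule
    return ("deny" if pkt.direction == "in" else "allow"), None


def shadowed_rules(rules: List[Rule]) -> List[Rule]:
    """Rules that can never fire because an earlier rule for the same direction
    already covers their protocol, address range and port: a common ordering
    mistake that silently turns a deny into an allow (or vice versa)."""
    shadowed = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if (earlier.direction == later.direction
                    and earlier.proto in ("any", later.proto)
                    and later.remote.subnet_of(earlier.remote)
                    and (earlier.port is None or earlier.port == later.port)):
                shadowed.append(later)
                break
    return shadowed


# Constructed baseline policy for a web server (assumed addresses and ports).
POLICY = [parse_rule(line) for line in [
    "allow in tcp from 10.0.0.0/24 port 22",    # SSH only from the management subnet
    "deny in tcp from 0.0.0.0/0 port 22",       # explicit deny so the attempt is logged
    "allow in tcp from 0.0.0.0/0 port 443",     # the one service this host exposes
    "deny in any from 0.0.0.0/0 port any",      # everything else inbound
    "allow out tcp from 0.0.0.0/0 port 443",
    "deny out tcp from 0.0.0.0/0 port 25",      # a compromised host should not send mail
]]

# Constructed connection attempts.
SAMPLE = [
    Packet("in", "tcp", "10.0.0.7", 22),        # administrator on the management subnet
    Packet("in", "tcp", "203.0.113.9", 22),     # SSH brute-force from the Internet
    Packet("in", "tcp", "203.0.113.9", 443),    # legitimate HTTPS client
    Packet("in", "tcp", "192.168.5.5", 445),    # SMB probe from a neighbour: no specific rule
    Packet("out", "tcp", "198.51.100.1", 25),   # outbound SMTP
    Packet("out", "udp", "192.168.5.53", 53),   # DNS lookup: no explicit rule, default allow
]


def decisions(rules: List[Rule] = POLICY, packets: List[Packet] = SAMPLE) -> List[str]:
    return [evaluate(rules, p)[0] for p in packets]


if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, decisions()):
        print(f"{pkt.direction:3} {pkt.proto:3} {pkt.remote_ip:>14}:{pkt.port:<5} {verdict}")
    print("shadowed rules:", shadowed_rules(POLICY))
```

The explicit deny for port 22 before the catch-all is deliberate: it lets a logging hook attached to that rule record Internet SSH attempts separately from general noise. Running shadowed_rules over a policy before loading it catches the classic mistake of an "allow any" placed above a deny, which a live firewall would accept without complaint.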
Mandatory Access Controls (MAC) are based on:
security classification and security clearance
data segmentation and data classification
data labels and user access permissions
user roles and data encryption
The Answer Is: A
Explanation:
Mandatory Access Controls (MAC) are based on security classification and security clearance. Each object carries a label stating its classification (for example top secret, secret, confidential, unclassified) and its categories; each subject holds a clearance stating the highest classification and the categories it is trusted with. The system, not the owner of the object, compares the two and enforces the decision, and subjects cannot override it. Under the Bell-LaPadula rules used in classified environments, a subject may read an object only when its clearance dominates the object's label (no read up) and may write to an object only when the object's label dominates its clearance (no write down), so that information flows only toward equal or higher sensitivity. This makes MAC strong for the confidentiality and integrity of classified data and for audit and compliance.
The other options name related techniques but not the basis of MAC. Data segmentation and data classification organize data into units and categories by type, value or sensitivity; classification is an input to labelling, but segmentation is an architectural measure, and both are equally used under DAC and Role-Based Access Control (RBAC). Data labels and user access permissions describe the general idea of tagging data and granting rights, but "access permissions" is the discretionary vocabulary of ACLs and DAC, not the clearance-versus-classification comparison that defines MAC. User roles are the basis of RBAC, and data encryption is a confidentiality mechanism that can accompany any access control model; neither determines a MAC decision.
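The following is an added example, not part of the exam material, that implements the label comparison described in this answer and in the earlier question on which policy uses fixed security attributes: a clearance dominates a label when its level is equal or higher and its categories are a superset, reads require the subject to dominate the object, and writes require the reverse. The level names, category names and the sample clearances and objects are assumptions chosen for the illustration.

```python
"""Bell-LaPadula style label comparison behind a MAC decision.

Added illustration, not taken from the CISSP material above. The level names,
category names and the sample clearances and object labels are assumptions
chosen for the example.
"""
from dataclasses import dataclass, field
from typing import FrozenSet

# Assumed linear ordering of classification levels, lowest to highest.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass(frozen=True)
class Label:
    """A security label: classification level plus a set of categories.
    The same type serves as a subject's clearance and as an object's label."""
    level: str
    categories: FrozenSet[str] = field(default_factory=frozenset)

    def __post_init__(self):
        if self.level not in LEVELS:
            raise ValueError(f"unknown classification level: {self.level}")

    def dominates(self, other: "Label") -> bool:
        """True when this label is at or above `other` in the lattice:
        equal-or-higher level AND a superset of the other's categories."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


def can_read(subject: Label, obj: Label) -> bool:
    """Simple security property (no read up): the subject's clearance
    must dominate the object's label."""
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    """*-property (no write down): the object's label must dominate the
    subject's clearance, so information only flows to an equal or more
    sensitive container."""
    return obj.dominates(subject)


def decide(subject: Label, obj: Label, mode: str) -> str:
    """Reference-monitor decision for one access request. Nothing here
    consults an owner, an ACL or a permission bit: the labels alone decide."""
    if mode == "read":
        allowed = can_read(subject, obj)
    elif mode == "write":
        allowed = can_write(subject, obj)
    else:
        raise ValueError(f"unsupported access mode: {mode}")
    return "GRANT" if allowed else "DENY"


# Constructed clearances and object labels (assumptions).
ANALYST = Label("SECRET", frozenset({"CRYPTO"}))
GUEST = Label("UNCLASSIFIED")
REPORT = Label("SECRET", frozenset({"CRYPTO"}))
NUKE_PLAN = Label("SECRET", frozenset({"CRYPTO", "NUCLEAR"}))
PUBLIC_NOTE = Label("UNCLASSIFIED")
TS_FILE = Label("TOP_SECRET", frozenset({"CRYPTO"}))

if __name__ == "__main__":
    requests = [
        ("analyst", ANALYST, "REPORT", REPORT, "read"),             # same level and category
        ("analyst", ANALYST, "NUKE_PLAN", NUKE_PLAN, "read"),       # missing NUCLEAR category
        ("analyst", ANALYST, "PUBLIC_NOTE", PUBLIC_NOTE, "write"),  # write down
        ("analyst", ANALYST, "TS_FILE", TS_FILE, "write"),          # write up is permitted
        ("analyst", ANALYST, "TS_FILE", TS_FILE, "read"),           # read up
        ("guest", GUEST, "REPORT", REPORT, "read"),
    ]
    for who, subj, name, obj, mode in requests:
        print(f"{who:8} {mode:5} {name:12} -> {decide(subj, obj, mode)}")
```

Two consequences of the model are visible in the output: a subject at the right level is still refused an object whose categories it lacks, and a low-cleared subject is allowed to write into a more sensitive object (a "blind" write up) because that cannot leak anything downward. Real systems usually tighten the second rule to "write at exactly the subject's level" to protect integrity, which is a separate policy decision layered on top of these checks.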
What protocol is often used between gateway hosts on the Internet?
Exterior Gateway Protocol (EGP)
Border Gateway Protocol (BGP)
Open Shortest Path First (OSPF)
Internet Control Message Protocol (ICMP)
The Answer Is: B
Explanation:
Border Gateway Protocol (BGP) is the protocol used between gateway hosts on the Internet. A gateway here is the border router that connects one autonomous system (AS), a set of networks under a single administration, to another. BGP exchanges reachability information between ASes: each announcement carries a prefix together with path attributes such as the AS_PATH (the sequence of ASes the route has passed through), NEXT_HOP, LOCAL_PREF, ORIGIN and MED. BGP is a path-vector protocol and does not measure bandwidth, latency or hop count; it selects a best path by comparing those attributes in a fixed order (highest LOCAL_PREF, then shortest AS_PATH, then ORIGIN, then lowest MED, and so on), and it rejects any update whose AS_PATH already contains the local AS number, which is how it prevents loops. Because the attributes are set by policy, operators use BGP to implement interdomain routing policies such as traffic engineering (AS_PATH prepending, LOCAL_PREF), inbound and outbound route filtering and selective announcement. BGP is the de facto standard for Internet routing and runs on every ISP and on most large enterprise and cloud edges. It has no built-in verification of who may announce which prefix: a peer that announces a more specific prefix it does not own will attract that traffic unless its neighbours filter the announcement, which is why prefix filters and RPKI route origin validation matter on an Internet-facing gateway.
The other options are not the protocol used between gateways. Exterior Gateway Protocol (EGP) is the obsolete predecessor that BGP replaced in the early Internet (the term "exterior gateway protocol" is also used generically for any inter-AS protocol, of which BGP is the surviving instance). Open Shortest Path First (OSPF) is an interior gateway protocol used within a single AS, not between ASes. Internet Control Message Protocol (ICMP) carries error and diagnostic messages (destination unreachable, time exceeded, echo) between hosts and routers and exchanges no routing information. References: Border Gateway Protocol - Wikipedia; What is Border Gateway Protocol (BGP)? - Definition from WhatIs.com; What is BGP? | How BGP Routing Works | Cloudflare.
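The following is an added example, not code from any router or from the references above, showing the two behaviours that make BGP a policy protocol rather than a shortest-path one: the AS_PATH loop check that discards an update containing the local ASN, and a best-path ordering in which LOCAL_PREF set by the receiving network outranks path length, with AS_PATH prepending as the lever an originator uses to steer traffic away. The AS numbers, prefixes, next hops and attribute values are constructed, and only the first steps of the real decision process are modelled.

```python
"""BGP best-path selection and AS_PATH loop prevention, in miniature.

Added illustration, not code from any router or from the references above.
The AS numbers, prefixes, next hops and attribute values are constructed, and
only the first steps of the real decision process are modelled.
"""
from dataclasses import dataclass, replace
from typing import List, Optional, Tuple

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}   # lower is preferred


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: Tuple[int, ...]   # leftmost AS is the neighbour that sent the update
    next_hop: str
    local_pref: int = 100
    origin: str = "IGP"
    med: int = 0


def accept(route: Route, local_asn: int) -> bool:
    """Loop prevention: an update whose AS_PATH already contains our own ASN
    has been around the loop once and is discarded."""
    return local_asn not in route.as_path


def preference_key(route: Route):
    """Ordering used to pick the best path. Note what is absent: bandwidth,
    latency and IGP hop count. BGP chooses by policy (highest LOCAL_PREF),
    then shortest AS_PATH, then ORIGIN, then lowest MED."""
    return (-route.local_pref, len(route.as_path), ORIGIN_RANK[route.origin], route.med)


def best_path(candidates: List[Route], local_asn: int) -> Optional[Route]:
    usable = [r for r in candidates if accept(r, local_asn)]
    return min(usable, key=preference_key) if usable else None


def prepend(route: Route, times: int) -> Route:
    """AS_PATH prepending as done by the originating AS: repeating its own ASN
    makes the path look longer so that remote networks prefer another path."""
    origin_as = route.as_path[-1]
    return replace(route, as_path=route.as_path + (origin_as,) * times)


def set_local_pref(route: Route, value: int) -> Route:
    """Local policy: LOCAL_PREF is assigned by the receiving AS, is not carried
    across the Internet, and outranks every path-length consideration."""
    return replace(route, local_pref=value)


LOCAL_ASN = 64500

# Constructed candidate routes for one prefix, learned from three neighbours.
CANDIDATES = [
    Route("198.51.100.0/24", (64510, 64520, 65001), "10.1.1.1"),   # three AS hops
    Route("198.51.100.0/24", (64530, 65001), "10.1.2.1"),          # two AS hops
    Route("198.51.100.0/24", (64540, 64500, 65001), "10.1.3.1",    # contains our ASN
          local_pref=200),
]


def choose(candidates: List[Route] = CANDIDATES, local_asn: int = LOCAL_ASN) -> Optional[Route]:
    return best_path(candidates, local_asn)


if __name__ == "__main__":
    best = choose()
    print("default choice:", best.next_hop, best.as_path)
    longer_but_preferred = set_local_pref(CANDIDATES[0], 150)
    print("with LOCAL_PREF 150 on the 3-hop path:",
          choose([longer_but_preferred, CANDIDATES[1]]).next_hop)
    padded = prepend(CANDIDATES[1], 3)
    print("after the origin prepends 3x on the 2-hop path:",
          choose([CANDIDATES[0], padded]).next_hop, padded.as_path)
```

The third candidate is the one to notice from a security standpoint: it carries the highest LOCAL_PREF and would win outright, but the loop check throws it away before selection because 64500 already appears in its AS_PATH. That check is the only validation BGP performs on a path by itself; whether 65001 is actually entitled to originate 198.51.100.0/24 is something the receiving router cannot tell from the update, which is the gap that prefix filters and RPKI fill.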
Which of the following is a characteristic of an internal audit?
An internal audit is typically shorter in duration than an external audit.
The internal audit schedule is published to the organization well in advance.
The internal auditor reports to the Information Technology (IT) department
Management is responsible for reading and acting upon the internal audit results
The Answer Is: D
Explanation:
A characteristic of an internal audit is that management is responsible for reading and acting upon its results. An internal audit is an independent, objective assessment of an organization's controls, processes and activities carried out by auditors who belong to the organization (the internal audit function, reporting to the audit committee). It helps to confirm that operations are accurate and reliable, to prevent or detect fraud and error, and to demonstrate compliance. A typical internal audit moves through four phases:
Planning: the audit team defines the objectives, scope, criteria and methodology and identifies the risks and stakeholders involved.
Execution (fieldwork): the team collects and evaluates evidence through interviews, observation, testing, sampling and surveys.
Reporting: the team delivers a report of findings, conclusions and recommendations to management and to the audit committee, who are its primary recipients.
Follow-up: management decides on and implements corrective actions, and the audit function later verifies that the agreed actions were taken.
The auditors identify and recommend; management owns the controls and therefore owns the response. It is management that must read the report, accept or formally dispute each finding, assign owners and deadlines for remediation, and answer to the board, regulators, shareholders or customers for the outcome. That division of responsibility is what preserves the auditor's independence.
The other options are not defining characteristics. Duration is not determined by whether an audit is internal or external: it depends on scope, criteria and methodology, and an internal audit can easily run longer than a narrowly scoped external one, even though internal auditors have readier access to the organization's people and systems. Publishing the schedule well in advance is common good practice for planned audits because it aids coordination and transparency, but surprise or unannounced audits are equally legitimate, so advance publication is not a characteristic of internal audit as such. Reporting to the IT department would undermine the auditor's independence, since IT is one of the functions under review; internal audit normally reports functionally to the audit committee of the board and only administratively to a senior executive.
Which of the following alarm systems is recommended to detect intrusions through windows in a high-noise, occupied environment?
Acoustic sensor
Motion sensor
Shock sensor
Photoelectric sensor
The Answer Is: C
Explanation:
A shock (vibration) sensor mounted on the window frame or glass detects the mechanical impact of an attempt to break or force the window and raises an alarm when the vibration exceeds a set threshold. Because it responds to impact on the protected surface rather than to sound or movement in the room, it is the recommended choice for a high-noise, occupied environment: background noise and people moving about do not trigger it. It can be combined with magnetic contacts (which detect the window being opened) and glass-break detectors for layered protection, and its sensitivity should be tuned on site so that traffic vibration or slammed doors do not cause nuisance alarms.
An acoustic (glass-break) sensor listens for the characteristic frequency and pattern of breaking glass. In a noisy environment it is prone to false alarms from music, conversation, traffic or dropped objects, so it is not recommended here, although it can be placed near the window or elsewhere in the room and tuned to the sound signature of glass. A motion sensor (passive infrared, ultrasonic, microwave or video) detects movement in a protected area; in an occupied space it would be triggered constantly by the legitimate occupants, so it suits unoccupied hours rather than an occupied room. A photoelectric sensor detects the interruption of a light beam between a transmitter and a receiver; anyone or anything crossing the beam trips it, so in an occupied area it would generate continual false alarms, and it detects the crossing of a line rather than an attack on the window itself.
Who has the PRIMARY responsibility to ensure that security objectives are aligned with organization goals?
Senior management
Information security department
Audit committee
All users
The Answer Is: A
Explanation:
Senior management has the primary responsibility to ensure that security objectives are aligned with organizational goals. Senior management is the highest level of authority and decision-making in an organization, and it sets the vision, mission, strategy, and objectives for the organization. Senior management is also responsible for establishing the security governance framework, which defines the roles, responsibilities, policies, standards, and procedures for security management. Senior management should ensure that the security function supports and enables the organizational goals, and that the security objectives are consistent, measurable, and achievable. Senior management should also provide adequate resources, guidance, and oversight for the security function, and communicate the security expectations and requirements to all stakeholders. The information security department, the audit committee, and all users have some roles and responsibilities in ensuring that security objectives are aligned with organizational goals, but they are not the primary ones. The information security department is responsible for implementing, maintaining, and monitoring the security controls and processes, and reporting on the security performance and incidents. The audit committee is responsible for reviewing and verifying the effectiveness and compliance of the security controls and processes, and providing recommendations for improvement. All users are responsible for following the security policies and procedures, and reporting any security issues or violations.
Even though a particular digital watermark is difficult to detect, which of the following represents a way it might still be inadvertently removed?
Truncating parts of the data
Applying Access Control Lists (ACL) to the data
Appending non-watermarked data to watermarked data
Storing the data in a database
The Answer Is: A
Explanation:
A digital watermark is a signal hidden in a data file (an image, audio track, video or document) that identifies its owner or source or proves its authenticity. A well-designed watermark is hard to detect and hard to remove without visibly degrading the content, but it still lives in specific parts of the data, and operations that discard or shift those parts can destroy it unintentionally. Truncating the data, for example cropping an image or cutting the start of a video, removes or misaligns the region in which the mark is embedded, so the detector no longer finds it. The other options do not touch the content bits: applying ACLs changes who may read the file, storing it in a database changes where it is kept, and appending non-watermarked data leaves the original watermarked portion, and the mark inside it, intact. References: Official (ISC)2 CISSP CBK Reference, Fifth Edition, page 507; CISSP For Dummies, 7th Edition, page 344.
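The following is an added example, not from the references above, that makes the difference between truncation and appending concrete. A constructed grey-scale "image" carries a keyed least-significant-bit watermark spread over fixed pixel coordinates; cropping rows off the top shifts every coordinate and the mark becomes unreadable, while appending rows leaves every original coordinate in place and the mark survives. The geometry, key and message are assumptions, and the scheme is deliberately simpler than a production watermark, which nonetheless depends on alignment with the original data in the same way.

```python
"""Why truncating data can break a hidden watermark while appending cannot.

Added illustration, not from the references above. The "image" is a constructed
list of 8-bit grey pixels, the watermark is a simple keyed least-significant-bit
scheme, and the geometry, key and message are assumptions. Real watermarks are
more robust than this, but they depend on alignment with the original data in
the same way.
"""
import random
from typing import List

WIDTH, HEIGHT = 64, 48              # assumed image geometry, row-major pixel order
CANVAS = WIDTH * HEIGHT             # the detector knows the original size
MESSAGE = b"OWNER-42"               # assumed ownership mark (64 bits)
KEY = 0xC0FFEE                      # assumed secret key; without it the positions are unknown


def make_host_image(seed: int = 1234) -> List[int]:
    """Constructed cover image: pseudo-random 8-bit grey values."""
    rng = random.Random(seed)
    return [rng.randrange(256) for _ in range(CANVAS)]


def _bits(message: bytes) -> List[int]:
    return [(byte >> i) & 1 for byte in message for i in range(7, -1, -1)]


def _positions(key: int, count: int) -> List[int]:
    """Key-derived, non-repeating pixel indices that carry the watermark bits.
    They are spread over the whole canvas rather than clustered, so the mark
    is hard to spot, but every one of them refers to a fixed coordinate."""
    return random.Random(key).sample(range(CANVAS), count)


def embed(pixels: List[int], message: bytes, key: int = KEY) -> List[int]:
    out = list(pixels)
    for pos, bit in zip(_positions(key, 8 * len(message)), _bits(message)):
        out[pos] = (out[pos] & 0xFE) | bit      # overwrite the least significant bit
    return out


def extract(pixels: List[int], length: int, key: int = KEY) -> bytes:
    """Read the mark back from the fixed coordinates. A coordinate that no
    longer exists (data truncated at the end) reads as 0; a coordinate that
    now holds a different pixel (data truncated at the start) reads garbage."""
    bits = [pixels[pos] & 1 if pos < len(pixels) else 0
            for pos in _positions(key, 8 * length)]
    out = bytearray()
    for i in range(0, len(bits), 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return bytes(out)


def verify(pixels: List[int], expected: bytes = MESSAGE, key: int = KEY) -> bool:
    return extract(pixels, len(expected), key) == expected


def crop_top(pixels: List[int], rows: int) -> List[int]:
    """Truncation: drop the first `rows` rows, shifting every later pixel."""
    return pixels[rows * WIDTH:]


def append_rows(pixels: List[int], rows: int, seed: int = 99) -> List[int]:
    """Appending non-watermarked data leaves every original coordinate intact."""
    rng = random.Random(seed)
    return pixels + [rng.randrange(256) for _ in range(rows * WIDTH)]


HOST = make_host_image()
MARKED = embed(HOST, MESSAGE)
CROPPED = crop_top(MARKED, 4)
APPENDED = append_rows(MARKED, 4)

if __name__ == "__main__":
    for name, img in (("original", HOST), ("watermarked", MARKED),
                      ("cropped 4 rows", CROPPED), ("appended 4 rows", APPENDED)):
        print(f"{name:16} {len(img):5d} px  mark present: {verify(img)}  "
              f"read: {extract(img, len(MESSAGE))!r}")
```

Cropping only four of forty-eight rows is enough, because the detector addresses pixels by their original coordinates and every coordinate now points at a different pixel. A watermark that resists cropping has to be detectable without knowing the original alignment (for example by searching for a repeated pattern), which is exactly what makes such marks larger and easier to detect in the first place.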
Which type of test would an organization perform in order to locate and target exploitable defects?
Penetration
System
Performance
Vulnerability
The Answer Is: A
Explanation:
A penetration test is the test an organization performs to locate and target exploitable defects. The tester (a penetration tester or ethical hacker) simulates a real attack against the in-scope systems and networks, using the same tools and techniques an adversary would, to find vulnerabilities and then actually exploit them, demonstrating what access or impact an attacker could achieve. The result is a prioritized picture of the weaknesses in the organization's security posture together with recommendations for fixing them, which supports security awareness, compliance and resilience. The distinction from the other options matters: a vulnerability test or scan identifies and reports weaknesses but does not attempt to exploit them, a system test verifies that the system meets its functional requirements, and a performance test measures speed and capacity under load; none of them targets defects for exploitation.
Which of the following combinations would MOST negatively affect availability?
Denial of Service (DoS) attacks and outdated hardware
Unauthorized transactions and outdated hardware
Fire and accidental changes to data
Unauthorized transactions and denial of service attacks
The Answer Is:
AExplanation:
The combination that would most negatively affect availability is denial-of-service (DoS) attacks and outdated hardware. Availability is the property of a system or network being accessible and usable by authorized users whenever they need it. It is measured by metrics such as uptime, downtime, response time, and reliability, and it can be degraded by hardware, software, network, human, or environmental factors. Both items in this option are primarily availability threats, which is what makes it the worst combination for availability:
Denial-of-service (DoS) attacks deliberately disrupt or degrade availability by overwhelming or exhausting resources such as bandwidth, memory, connection tables, or processing power with a large volume or high rate of requests or packets. Legitimate users are delayed or locked out, and the targeted service may error, fail, or crash.
Outdated hardware is old, obsolete, or unsupported equipment that no longer meets the performance, capacity, or security requirements of the system it supports. It fails more often, has less headroom under load, may no longer receive vendor firmware fixes or have spare parts available, and is slower and costlier to repair or replace. All of this translates into more frequent and longer outages.
Together the two compound each other: hardware with little spare capacity is saturated by a smaller flood than modern equipment would absorb, an unsupported platform may crash outright on malformed traffic that a current one would simply drop, and recovery takes longer when replacements are hard to source. The other three options each pair an availability threat with a threat to a different security property, so only one item in each pair bears directly on availability:
Unauthorized transactions and outdated hardware: unauthorized transactions are actions performed on data without the permission of its owner or custodian, such as theft, fraud, or sabotage. They primarily compromise confidentiality (data is exposed) and integrity (data is altered or destroyed). Outdated hardware is the only availability factor in this pair.
Fire and accidental changes to data: fire destroys the physical media and equipment that hold the data, so it is a genuine availability (and integrity) threat, but accidental changes such as typos, misconfigurations, or overwrites are an integrity problem. The data remains accessible; it is simply wrong.
Unauthorized transactions and denial-of-service attacks: the DoS attack is an availability threat, but unauthorized transactions, as above, threaten confidentiality and integrity rather than availability.
A control to protect from a Denial-of-Service (DoS) attack has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk?
25%
50%
75%
100%
The Answer Is:
AExplanation:
The residual risk is 25%. Residual risk is the risk that remains after controls have been applied. Risk is the product of the likelihood of an event and its impact, so a control that acts on both terms reduces risk multiplicatively, not additively. Before the control, likelihood and impact are each taken as 100% of their inherent values. The control stops half of the attacks, so the likelihood of a successful attack falls to 50%, and it halves the impact of the attacks that do get through, so impact falls to 50%. The residual risk is therefore 50% x 50% = 25% of the inherent risk, which means the control achieved a 75% risk reduction (100% - 25%). 50% is what you get by counting only one of the two effects, 75% is the reduction rather than the remainder, and 100% would mean the control had no effect at all, so none of those is correct.
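The likelihood-times-impact model behind this answer generalizes to a stack of controls and to monetary figures (ALE = SLE x ARO), which is how the calculation is actually used when justifying a control's cost. The following is an added example written for this page, not code from the exam or any vendor; it assumes controls act independently so their remaining fractions multiply, and the SLE, ARO, and control-cost figures in it are constructed for illustration.

```python
"""Quantitative residual-risk model for a stack of controls.

Risk = likelihood x impact. Each control removes a fraction of one or both
terms; the fractions that remain multiply across controls (assumption: the
controls act independently). Monetary figures use ALE = SLE x ARO.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Control:
    name: str
    likelihood_reduction: float  # fraction of attacks the control stops, 0..1
    impact_reduction: float      # fraction of damage removed from attacks that get through, 0..1
    annual_cost: float = 0.0     # what the control costs per year (constructed figures below)


def residual_fraction(controls):
    """Fraction of the inherent risk left after applying every control.

    Each control leaves (1 - likelihood_reduction) of the likelihood and
    (1 - impact_reduction) of the impact; with no controls the result is 1.0.
    """
    likelihood = 1.0
    impact = 1.0
    for c in controls:
        if not (0.0 <= c.likelihood_reduction <= 1.0 and 0.0 <= c.impact_reduction <= 1.0):
            raise ValueError(f"{c.name}: reductions must be fractions in [0, 1]")
        likelihood *= 1.0 - c.likelihood_reduction
        impact *= 1.0 - c.impact_reduction
    return likelihood * impact


def residual_ale(sle, aro, controls):
    """Residual annualized loss expectancy.

    sle: single loss expectancy (cost of one successful attack)
    aro: annualized rate of occurrence (expected attacks per year)
    """
    return sle * aro * residual_fraction(controls)


def net_benefit(sle, aro, controls):
    """Annual risk reduction minus annual control cost.

    A negative result means the control stack costs more than the loss it prevents.
    """
    inherent = sle * aro
    reduction = inherent - residual_ale(sle, aro, controls)
    return reduction - sum(c.annual_cost for c in controls)


# The exam scenario: one DoS control stopping half of attacks and halving the rest.
EXAM_CONTROL = Control("DoS mitigation", likelihood_reduction=0.5, impact_reduction=0.5)

# Hypothetical second control that stops a further 40% of attacks at 20,000 per year.
RATE_LIMITING = Control("rate limiting", likelihood_reduction=0.4, impact_reduction=0.0,
                        annual_cost=20_000)

if __name__ == "__main__":
    print(f"exam residual risk: {residual_fraction([EXAM_CONTROL]):.0%}")
    stack = [EXAM_CONTROL, RATE_LIMITING]
    # 0.5 * 0.6 (likelihood) * 0.5 (impact) = 15% of inherent risk
    print(f"stacked residual risk: {residual_fraction(stack):.0%}")
    # Constructed figures: SLE 200,000 and ARO 3 give an inherent ALE of 600,000.
    print(f"residual ALE: {residual_ale(200_000, 3, stack):,.0f}")
    print(f"net benefit: {net_benefit(200_000, 3, stack):,.0f}")
```

The reduction in the exam scenario comes out as 75% only because the two halvings multiply; two controls that each stop 50% of attacks and do nothing to impact would also leave 25%, while a single control that stops 50% of attacks and leaves impact untouched leaves 50%. Keeping likelihood and impact as separate terms is what lets the model distinguish those cases.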
Which of the following MUST be scalable to address security concerns raised by the integration of third-party
identity services?
Mandatory Access Controls (MAC)
Enterprise security architecture
Enterprise security procedures
Role Based Access Controls (RBAC)
The Answer Is:
BExplanation:
Enterprise security architecture is the framework that defines the security policies, standards, guidelines, and controls governing an organization's information systems and assets. It must be scalable to address the security concerns raised by integrating third-party identity services such as Identity as a Service (IDaaS) or federated identity management. Scalability here means the architecture can accommodate the increased complexity, diversity, and volume of identity and access management transactions that result from external identity providers and relying parties, including additional trust relationships, provisioning and deprovisioning across organizational boundaries, and a higher rate of federated authentication and authorization decisions. It also means the architecture can adapt as the security requirements and threats introduced by those third-party services change. The other options are narrower: Mandatory Access Control (MAC) and Role Based Access Control (RBAC) are individual access-control models that the architecture may select, and enterprise security procedures are the operational detail that implements the architecture, so none of them is the thing that must scale to absorb the integration as a whole.