What is the purpose of the Asset Management category?
A. Prevent unauthorized access, damage, and interference to business premises and information
B. Support asset management strategy and information infrastructure security policies
C. Avoid breaches of any criminal or civil law, statutory, regulatory, or contractual obligations
D. Inventory physical devices and...
Which category addresses the detection of unauthorized code in software?
A. PR.DS
B. DE.DP
C. PR.AT
D. DE.CM
Answer: D
Which part of the IRP does the team need to implement or update?
An organization has a policy to respond “ASAP” to security incidents. The security team is having a difficult time prioritizing events because they are responding to all of them, in order of receipt. Which part of the IRP does the team need to implement or update?
A. Scheduling of incident...
During what activity does an organization identify and prioritize technical, organizational, procedural, administrative, and physical security weaknesses?
A. Table top exercise
B. Penetration testing
C. Vulnerability assessment
D. White box testing
Answer: C
What term refers to a partially equipped, environmentally conditioned work space used to relocate operations in the event of a significant disruption?
A. Hot site
B. Warm site
C. Mirror site
D. Secondary site
Answer: B
What is the next step required to ensure that you have an effective CSRL and a more robust cybersecurity posture in the future?
Your organization was breached. You informed the CSIRT and they contained the breach and eradicated the threat. What is the next step required to ensure that you have an effective CSRL and a more robust cybersecurity posture in the future?
A. Determine change agent
B. Update the BIA
C. Conduct...
Your organization’s security team has been working with various business units to understand their business requirements, risk tolerance, and resources used to create a Framework Profile. Based on the Profile provided, what entries correspond to labels A, B, and C?
Refer to the exhibit. Your organization’s security team has been working with various business units to understand their business requirements, risk tolerance, and resources used to create a Framework Profile. Based on the Profile provided, what entries correspond to labels A, B, and C?
A. Option A
B. Option...
What are the main components of the NIST Cybersecurity Framework?
A. Core, Categories, and Tiers
B. Functions, Profiles, and Tiers
C. Categories, Tiers, and Profiles
D. Core, Tiers, and Profiles
Answer: D
What must be updated once the transaction is verified?
In accordance with PR.MA, an organization has just truncated all log files that are more than 12 months old. This has freed up 25 TB per logging server. What must be updated once the transaction is verified?
A. SDLC
B. IRP
C. Baseline
D. ISCM
Answer: C
The Disaster Recovery Plan must document what effort in order to address unrecoverable assets?
A. RTO savings
B. Recovery priority
C. Recovery resources
D. Recovery resources
Answer: D