Shally, an incident handler, is working for a company named Texas Pvt. Ltd. based in Florida. She was asked to work on an incident response plan. As part of the plan, she decided to enhance and improve the security infrastructure of the enterprise. She has incorporated a security strategy that allows security professionals to use several protection layers throughout their information system. Due to multiple layer protection, this security strategy assists in preventing direct attacks against the organization's information system as a break in one layer only leads the attacker to the next layer.
Which of the following terms refers to an organization's ability to make optimal use of digital evidence in a limited period of time and with minimal investigation costs?
A. Risk assessment
B. Threat assessment
C. Data analysis
D. Forensic readiness
Answer: A
Which policy recommends controls for securing and tracking organizational resources:
A. Access control policy
B. Administrative security policy
C. Acceptable use policy
D. Asset control policy
Answer: D
How would you categorize such an information security incident?
An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization’s incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would...
US-CERT and Federal civilian agencies use the reporting timeframe criteria in the federal agency reporting categorization. What is the timeframe required to report an incident under the CAT 4 Federal Agency category?
A. Weekly
B. Within four (4) hours of discovery/detection if the successful attack is still ongoing and agency...
A threat source does not present a risk if there is NO vulnerability that can be exercised for a particular threat source. Identify the step in which different threat sources are defined:
A. Identification Vulnerabilities
B. Control analysis
C. Threat identification
D. System characterization
Answer: C
Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of the following steps focus on limiting the scope and extent of an incident?
A. Eradication
B. Containment
C. Identification
D. Data collection
Answer: B
Identify the Sarbanes-Oxley Act (SOX) Title, which consists of only one section, that includes measures designed to help restore investor confidence in the reporting of securities analysts.
A. Title VI: Studies and Reports
B. Title IX: White-Collar-Crime Penalty Enhancement
C. Title V: Analyst Conflicts of Interest
D. Title VIII:...
Which of the following is not a countermeasure to eradicate inappropriate usage incidents?
A. Registering user activity logs and keep monitoring them regularly
B. Avoiding VPN and other secure network channels
C. Always storing the sensitive data in far located servers and restricting its access
D. Installing firewall and IDS/IPS...
Alice is a disgruntled employee. She decided to acquire critical information from her organization for financial benefit. To accomplish this, Alice started running a virtual machine on the same physical host as her victim's virtual machine and took advantage of shared physical resources (processor cache) to steal data (cryptographic key/plaintext secrets) from the victim machine.