What is the purpose of separation of duties?
What is the purpose of separation of duties?A . Internal control to prevent fraudB . Enhance exposure to functional areasC . Encourage collaborationD . Mitigate collusion and prevent theftView AnswerAnswer: A
What steps should the company take to rectify this situation?
A company implemented an intrusion detection system. They notice the system generates a very large number of false alarms. What steps should the company take to rectify this situation?A . Re-evaluate the Baseline and make necessary adjustments to the detection rulesB . Replace the intrusion detection system with an intrusion...
What are the main components of the NIST Cybersecurity Framework?
What are the main components of the NIST Cybersecurity Framework?A . Core, Categories, and TiersB . Functions, Profiles, and TiersC . Categories, Tiers, and ProfilesD . Core, Tiers, and ProfilesView AnswerAnswer: D
What type of item appears in the second column of the table?
Refer to the exhibit. What type of item appears in the second column of the table?A . SubcategoryB . Informative ReferenceC . FunctionD . TierView AnswerAnswer: A
At what cyber kill chain stage do attackers use malware to exploit specific software or hardware vulnerabilities on the target, based on the information retrieved at the reconnaissance stage?
At what cyber kill chain stage do attackers use malware to exploit specific software or hardware vulnerabilities on the target, based on the information retrieved at the reconnaissance stage?A . InstallationB . ReconnaissanceC . WeaponizationD . DeliveryView AnswerAnswer: C
What is the next step required to ensure that you have an effective CSRL and a more robust cybersecurity posture in the future?
Your organization was breached. You informed the CSIRT and they contained the breach and eradicated the threat. What is the next step required to ensure that you have an effective CSRL and a more robust cybersecurity posture in the future?A . Determine change agentB . Update the BIAC . Conduct...
What must be updated once the transaction is verified?
In accordance with PR.MA, an organization has just truncated all log files that are more than 12 months old. This has freed up 25 TB per logging server. What must be updated once the transaction is verified?A . SDLCB . IRPC . BaselineD . ISCMView AnswerAnswer: D
What is the purpose of a baseline assessment?
What is the purpose of a baseline assessment?A . Enhance data integrityB . Determine costsC . Reduce deployment timeD . Determine riskView AnswerAnswer: D
What is a consideration when performing data collection in Information Security Continuous Monitoring?
What is a consideration when performing data collection in Information Security Continuous Monitoring?A . Data collection efficiency is increased through automation.B . The more data collected, the better chances to catch an anomaly.C . Collection is used only for compliance requirements.D . Data is best captured as it traverses the...
What could be considered a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors and align to five concurrent and continuous functions?
What could be considered a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors and align to five concurrent and continuous functions?A . BaselineB . CoreC . ProfileD . GovernanceView AnswerAnswer: B