During what activity does an organization identify and prioritize technical, organizational, procedural, administrative, and physical security weaknesses?
During what activity does an organization identify and prioritize technical, organizational, procedural, administrative, and physical security weaknesses?A . Table top exerciseB . Penetration testingC . Vulnerability assessmentD . White box testingView AnswerAnswer: C
What term refers to a partially equipped, environmentally conditioned work space used to relocate operations in the event of a significant disruption?
What term refers to a partially equipped, environmentally conditioned work space used to relocate operations in the event of a significant disruption?A . Hot siteB . Warm siteC . Mirror siteD . Secondary siteView AnswerAnswer: B
What are the five categories that make up the Response function?
What are the five categories that make up the Response function?A . Response Planning, Data Security, Communications, Analysis, and MitigationB . Response Planning, Communications, Analysis, Mitigation, and ImprovementsC . Mitigation, Improvements, Maintenance, Response Planning, and GovernanceD . Awareness and Training, Improvements, Communications, Analysis, and GovernanceView AnswerAnswer: B
The Disaster Recovery Plan must document what effort in order to address unrecoverable assets?
The Disaster Recovery Plan must document what effort in order to address unrecoverable assets?A . RTO savingsB . Recovery priorityC . Recovery resourcesD . Recovery resourcesView AnswerAnswer: B
Which phase in the SDLC is most concerned with maintaining proper authentication of users and processes to ensure an appropriate access control policy is defined?
Which phase in the SDLC is most concerned with maintaining proper authentication of users and processes to ensure an appropriate access control policy is defined?A . ImplementationB . Operation / MaintenanceC . InitiationD . Development / AcquisitionView AnswerAnswer: B
Which part of the process failed?
A company failed to detect a breach of their production system. The breach originated from a legacy system that was originally thought to be decommissioned. It turned out that system was still operating and occasionally connected to the production system for reporting purposes. Which part of the process failed?A ....
The CSF recommends that the Communication Plan for an IRP include audience, method of communication, frequency, and what other element?
The CSF recommends that the Communication Plan for an IRP include audience, method of communication, frequency, and what other element?A . Incident categoryB . Message criteriaC . Incident severityD . Templates to useView AnswerAnswer: C
Which category addresses the detection of unauthorized code in software?
Which category addresses the detection of unauthorized code in software?A . PR.DSB . DE.DPC . PR.ATD . DE.CMView AnswerAnswer: D
Which actions should you take to stop data leakage and comply with requirements of the company security policy?
The network security team in your company has discovered a threat that leaked partial data on a compromised file server that handles sensitive information. Containment must be initiated and addresses by the CSIRT. Service disruption is not a concern because this server is used only to store files and does...
What specifically addresses cyber-attacks against an organization's IT systems?
What specifically addresses cyber-attacks against an organization's IT systems?A . Continuity of Support PlanB . Business Continuity PlanC . Continuity of Operations PlanD . Incident Response PlanView AnswerAnswer: D