Which category addresses the detection of unauthorized code in software?

Which category addresses the detection of unauthorized code in software?A . PB . DSC . DD . DPE . PF . ATG . DH . CMView AnswerAnswer: D Explanation: Reference: https://vufind.carli.illinois.edu/vf-rou/Record/rou_346654/TOC

May 28, 2019 No Comments READ MORE +

Which mechanism within the NIST Cybersecurity Framework describes a method to capture the current state and define the target state for understanding gaps, exposure, and prioritize changes to mitigate risk?

Which mechanism within the NIST Cybersecurity Framework describes a method to capture the current state and define the target state for understanding gaps, exposure, and prioritize changes to mitigate risk?A . FunctionsB . ProfilesC . TiersD . CategoriesView AnswerAnswer: C

May 27, 2019 No Comments READ MORE +

What type of item appears in the second column of the table?

Refer to the exhibit. What type of item appears in the second column of the table?A . SubcategoryB . Informative ReferenceC . FunctionD . TierView AnswerAnswer: A

May 25, 2019 No Comments READ MORE +

What type of system processes information, the loss of which would have a debilitating impact to an organization?

What type of system processes information, the loss of which would have a debilitating impact to an organization?A . Mission criticalB . Security criticalC . Business criticalD . Safety criticalView AnswerAnswer: A

May 23, 2019 No Comments READ MORE +

Concerning a risk management strategy, what should the executive level be responsible for communicating?

Concerning a risk management strategy, what should the executive level be responsible for communicating?A . Risk mitigationB . Risk profileC . Risk toleranceD . Asset riskView AnswerAnswer: B

May 21, 2019 No Comments READ MORE +

What does a security benchmark help define?

What does a security benchmark help define?A . Whether or not the organization should implement ISCMB . The Baseline, or “as is” stateC . Which step of the DRP to execute firstD . What parts of the Baseline are appropriateView AnswerAnswer: D

May 13, 2019 No Comments READ MORE +

What database is used to record and manage assets?

What database is used to record and manage assets?A . Configuration Management DatabaseB . Asset Inventory Management DatabaseC . High Availability Mirrored DatabaseD . Patch Management Inventory DatabaseView AnswerAnswer: A Explanation: Reference: https://en.wikipedia.org/wiki/Configuration_management_database

May 9, 2019 No Comments READ MORE +

Which NIST Cybersecurity Framework function should be executed before any others?

Which NIST Cybersecurity Framework function should be executed before any others?A . RespondB . ProtectC . RecoverD . IdentifyView AnswerAnswer: D Explanation: Reference: https://www.nist.gov/cyberframework/online-learning/five-functions

May 6, 2019 No Comments READ MORE +

When should event analysis be performed?

When should event analysis be performed?A . Only when requested by an auditorB . Routinely for all events collected on a mission critical systemC . Only at the discretion of an authorized security analystD . After an event is triggered by the detection systemView AnswerAnswer: B

May 4, 2019 No Comments READ MORE +

What is part of the Pre-Recovery phase?

What is part of the Pre-Recovery phase?A . Backup validationB . Validate functionalityC . Restore assetsD . Monitor assetsView AnswerAnswer: B

May 3, 2019 No Comments READ MORE +