- All Exams Instant Download
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:A . business continuity planB . communications plan.C . disaster recovery plan.D . continuity of operations planView AnswerAnswer: C
Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?
Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?A . MOUB . MTTRC . SLAD . NDAView AnswerAnswer: C Explanation: Service level agreement (SLA). An SLA is an agreement between a company...
Which of the following is the analyst MOST likely seeing?
A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicates a directory-traversal attack has occurred. Which of the following is the analyst MOST likely seeing? A) B) C) D) A . Option AB . Option BC . Option CD . Option...
Which of the following control types is an IDS?
A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?A . CorrectiveB . PhysicalC . DetectiveD . AdministrativeView AnswerAnswer: C Explanation: IDS = Intrusion Detection System. It is passive and only notifies instead...
Which of the following tactics would an attacker MOST likely use in this scenario?
Company engineers regularly participate in a public Internet forum with other engineers throughout the industry. Which of the following tactics would an attacker MOST likely use in this scenario?A . Watering-hole attackB . Credential harvestingC . Hybrid warfareD . PharmingView AnswerAnswer: A
Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?
A large industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs the company's security manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following mitigations would be...
Which of the following access control schemes would be BEST for the company to implement?
A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels. Which of the following access control schemes would be BEST for the company to implement?A . DiscretionaryB . Rule-basedC . Role-basedD . MandatoryView AnswerAnswer: D
Which of the following ISO standards is certified for privacy?
Which of the following ISO standards is certified for privacy?A . ISO 9001B . ISO 27002C . ISO 27701D . ISO 31000View AnswerAnswer: C Explanation: ISO 27701 also abbreviated as PIMS (Privacy Information Management System) outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data...
Which of the following is the router experiencing?
A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output: Which of the following is the router experiencing?A . DDoS attackB...
Which of the following security practices would have addressed the issue?
A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?A . A non-disclosure agreementB . Least privilegeC...
