- All Exams Instant Download
What determines the technical controls used to restrict access to USB devices and help prevent their use within a company?
What determines the technical controls used to restrict access to USB devices and help prevent their use within a company?A . Block use of the USB devices for all employeesB . Written security policy prohibiting the use of the USB devicesC . Acceptable use policy in the employee HR on-boarding...
What is the purpose of a baseline assessment?
What is the purpose of a baseline assessment?A . Enhance data integrityB . Determine costsC . Reduce deployment timeD . Determine riskView AnswerAnswer: D
What are the five categories that make up the Response function?
What are the five categories that make up the Response function?A . Response Planning, Data Security, Communications, Analysis, and MitigationB . Response Planning, Communications, Analysis, Mitigation, and ImprovementsC . Mitigation, Improvements, Maintenance, Response Planning, and GovernanceD . Awareness and Training, Improvements, Communications, Analysis, and GovernanceView AnswerAnswer: B
Which category addresses this need?
You need to review your current security baseline policy for your company and determine which security controls need to be applied to the baseline and what changes have occurred since the last update. Which category addresses this need?A . ID.AMB . PR.IPC . PR.MAD . ID.SCView AnswerAnswer: B
The CSIRT team is following the existing recovery plans on non-production systems in a PRE-BREACH scenario. This action is being executed in which function?
The CSIRT team is following the existing recovery plans on non-production systems in a PRE-BREACH scenario. This action is being executed in which function?A . ProtectB . RecoverC . IdentifyD . RespondView AnswerAnswer: A
What is concerned with availability, reliability, and recoverability of business processes and functions?
What is concerned with availability, reliability, and recoverability of business processes and functions?A . Business Impact AnalysisB . Business Continuity PlanC . Recovery StrategyD . Disaster Recovery PlanView AnswerAnswer: B
What does the Communication Plan for the IRP specifically guide against?
A bank has been alerted to a breach of its reconciliation systems. The notification came from the cybercriminals claiming responsibility in an email to the CEO. The CEO has alerted the company CSIRT. What does the Communication Plan for the IRP specifically guide against?A . Transfer of chain of custodyB...
The CSF recommends that the Communication Plan for an IRP include audience, method of communication, frequency, and what other element?
The CSF recommends that the Communication Plan for an IRP include audience, method of communication, frequency, and what other element?A . Incident categoryB . Message criteriaC . Incident severityD . Templates to useView AnswerAnswer: B
What steps should the company take to rectify this situation?
A company implemented an intrusion detection system. They notice the system generates a very large number of false alarms. What steps should the company take to rectify this situation?A . Re-evaluate the Baseline and make necessary adjustments to the detection rulesB . Replace the intrusion detection system with an intrusion...
At what cyber kill chain stage do attackers use malware to exploit specific software or hardware vulnerabilities on the target, based on the information retrieved at the reconnaissance stage?
At what cyber kill chain stage do attackers use malware to exploit specific software or hardware vulnerabilities on the target, based on the information retrieved at the reconnaissance stage?A . InstallationB . ReconnaissanceC . WeaponizationD . DeliveryView AnswerAnswer: C
