DES-9131

What procedure is designed to enable security personnel to detect, analyze, contain, eradicate, respond, and recover from malicious computer incidents such as a denial-of-service attack?A . Disaster Recovery PlanB . Emergency Analysis PlanC . Crisis Communication PlanD . Incident Response PlanView AnswerAnswer: D Explanation: Reference: https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-61r2.pdf

What must be included in the CMDB?A . Inventory of uninstalled softwareB . Software End User Licensing AgreementsC . Dependencies of installed componentsD . Known vulnerabilities of installed softwareView AnswerAnswer: C Explanation: Reference: https://docs.servicenow.com/bundle/london-servicenow-platform/page/product/configuration­management/concept/cnfig-mgmt-and-cmdb.html

Your firewall blocked several machines on your network from connecting to a malicious IP address. After reviewing the logs, the CSIRT discovers all Microsoft Windows machines on the network have been affected based on a newly published CVE. Based on the IRP, what should be done immediately?A . Update the...

The CSIRT team is following the existing recovery plans on non-production systems in a PRE-BREACH scenario. This action is being executed in which function?A . ProtectB . RecoverC . IdentifyD . RespondView AnswerAnswer: A

Which document provides an implementation plan to recover business functions and processes during and after an event?A . Business Continuity PlanB . Disaster Recovery PlanC . Risk Assessment StrategyD . Business Impact AnalysisView AnswerAnswer: B Explanation: Reference: https://www.bmc.com/blogs/disaster-recovery-planning/

In which function is the SDLC implemented?A . RespondB . ProtectC . DetectD . RecoverView AnswerAnswer: A

What process is used to identify an organization’s physical, digital, and human resource, as required in their Business Impact Analysis?A . Risk Management StrategyB . Risk AssessmentC . Risk TreatmentD . Asset InventoryView AnswerAnswer: D

DRAG DROP Rank order the relative severity of impact to an organization of each plan, where “1” signifies the most impact and “4” signifies the least impact. View AnswerAnswer:

What is a consideration when performing data collection in Information Security Continuous Monitoring?A . Data collection efficiency is increased through automation.B . The more data collected, the better chances to catch an anomaly.C . Collection is used only for compliance requirements.D . Data is best captured as it traverses the...

What is the main goal of a gap analysis in the Identify function?A . Determine security controls to improve security measuresB . Determine actions required to get from the current profile state to the target profile stateC . Identify gaps between Cybersecurity Framework and Cyber Resilient Lifecycle pertaining to that...