212-89

Identify a standard national process which establishes a set of activities, general tasks and a management structure to certify and accredit systems that will maintain the information assurance (IA) and security posture of a system or site.A . NIASAPB . NIAAAPC . NIPACPD . NIACAPView AnswerAnswer: D

Quantitative risk is the numerical determination of the probability of an adverse event and the extent of the losses due to the event. Quantitative risk is calculated as:A . (Probability of Loss) X (Loss)B . (Loss) / (Probability of Loss)C . (Probability of Loss) / (Loss)D . Significant Risks X...

Which of the following methods help incident responders to reduce the false-positive alert rates and further provide benefits of focusing on top priority issues, thereby reducing potential risk and corporate liabilities?A . Threat attributionB . Threat correlationC . Threat contextualizationD . Threat profilingView AnswerAnswer: D

Michael is an incident handler at CyberTech Solutions. He is performing detection and analysis of a cloud security incident. He is also analyzing the filesystems, slack spaces, and metadata within the storage units to find hidden malware and evidence of malice. Identify the cloud security incident handled by Michael:A ....

Which stage of the incident response and handling process involves auditing the system and network logfiles?A . Incident triageB . Incident eradicationC . ContainmentD . Incident disclosureView AnswerAnswer: D

Computer Forensics is the branch of forensic science in which legal evidence is found in any computer or any digital media device. Of the following, who is responsible for examining the evidence acquired and separating the useful evidence?A . Evidence SupervisorB . Evidence DocumenterC . Evidence ManagerD . Evidence Examiner/...

An organization named Sam Morison Inc.decided to use cloud-based services to reduce the cost of their maintenance. They first identified various risks and threats associated with cloud service adoption and migrating critical business data to third-party systems. Hence, the organization decided to deploy cloud-based security tools to prevent upcoming threats....

In which of the steps of NIST’s risk assessment methodology are the boundary of the IT system, along with the resources and the information that constitute the system identified?A . Likelihood DeterminationB . Control recommendationC . System characterizationD . Control analysisView AnswerAnswer: C

Except for some common roles, the roles in an IRT are distinct for every organization. Which among the following is the role played by the Incident Coordinator of an IRT?A . Links the appropriate technology to the incident to ensure that the foundation’s offices are returned to normal operations as...

The insider risk matrix consists of technical literacy and business process knowledge vectors. Considering the matrix, one can conclude that:A . If the insider’s technical literacy is low and process knowledge is high, the risk posed by the threat will be insignificant.B . If the insider’s technical literacy and process...