What procedure is designed to enable security personnel to detect, analyze, contain, eradicate, respond, and recover from malicious computer incidents such as a denial-of-service attack? A . Disaster Recovery Plan B . Emergency Analysis Plan C . Crisis Communication Plan D . Incident Response Plan
What must be included in the CMDB? A . Inventory of uninstalled software B . Software End User Licensing Agreements C . Dependencies of installed components D . Known vulnerabilities of installed software
Your firewall blocked several machines on your network from connecting to a malicious IP address. After reviewing the logs, the CSIRT discovers all Microsoft Windows machines on the network have been affected based on a newly published CVE.
Based on the IRP, what should be done immediately? A . Update the asset inventory B . Contain the breach C . Eradicate the breach D . Revise the IRP
Which document provides an implementation plan to recover business functions and processes during and after an event? A . Business Continuity Plan B . Disaster Recovery Plan C . Risk Assessment Strategy D . Business Impact Analysis
What process is used to identify an organization’s physical, digital, and human resource, as required in their Business Impact Analysis? A . Risk Management Strategy B . Risk Assessment C . Risk Treatment D . Asset Inventory
What is a consideration when performing data collection in Information Security Continuous Monitoring? A . Data collection efficiency is increased through automation. B . The more data collected, the better chances to catch an anomaly. C . Collection is used only for compliance requirements. D . Data is best captured as it traverses the network.
What is the main goal of a gap analysis in the Identify function? A . Determine security controls to improve security measures B . Determine actions required to get from the current profile state to the target profile state C . Identify gaps between Cybersecurity Framework and Cyber Resilient Lifecycle pertaining to that function D . Identify business process gaps to improve business efficiency