25 ) SY EX. 9 | COMPLETE | 暗記メーカー

25 ) SY EX. 9 | COMPLETE

15問 • 5ヶ月前

問題一覧

////////////////////// Camilla is participating in the eradication and recovery stage of an incident response process. Which one of the following activities would not normally occur during this phase?

- Analysis of drive capacity consumption

What type of exercise actually activates an organization's incident response plan but has the lowest likelihood of disrupting normal activities?

- Parallel test

Which one of the following events is least likely to trigger the review of an organization's information security program?

- Changes in team members

The Open Source Security Testing Methodology Manual (OSS TMM) is focused on testing in three major areas. Which one of the following is not one of those areas?

- Web servers

Kevin is conducting an assessment of a web application using the OWASP Testing Guide. He is searching for XSS vulnerabilities in the application and would like to use an approach that balances the time required to conduct the testing and the effectiveness of the test. Which approach would be most appropriate?

- Use an automated testing tool.

What is the minimum interval at which an organization should conduct business continuity plan refresher training for those with specific business continuity roles?

- Annually

Which one of the following programs has the primary goal of ensuring that an organization is able to maintain normal operations during a disaster or other disruption?

- Business continuity

Which one of the following programs has the primary goal of helping the organization quickly recover normal operations if they are disrupted?

- Disaster recovery

During what phase of the incident response process would an organization implement defenses designed to reduce the likelihood of a security incident?

- Preparation

After wrapping up an incident response investigation, Chris is attempting to determine what went wrong so that he can implement new security controls that will prevent similar incidents in the future. What term best describes his work?

- Root-cause analysis

What common criticism is leveled at the Cyber Kill Chain?

- It includes actions outside the defended network.

Tamara is a cybersecurity analyst for a private business that is suffering a security breach. She believes the attackers have compromised a database containing sensitive information. Which one of the following activities should be Tamara's first priority?

- Containment

Robert is finishing a draft of a proposed incident response policy for his organization. Who would be the most appropriate person to sign the policy?

- CEO

Which one of the following is not an objective of the containment, eradication, and recovery phase of incident response?

- Detect an incident in progress.

Which one of the following is not a phase of the threat lifecycle addressed in the MITRE ATT&CK model?

- Domination

THE P.T: 1 CHRONICLE: ( ex.9 )

The R.S.S.H Delivery Company · 90問 · 6ヶ月前

THE P.T: 1 CHRONICLE: ( ex.9 )