Consider this scenario: A major software company finds that code has been executed on an infected machine in its operating system. As a result, the company begins working to manage the risk and eliminates the vulnerability 12 days later. Which of the following statements best describes the company’s approach? The company effectively implemented data classification. The company effectively implemented quality control. The company effectively implemented patch management. The company effectively implemented quality assurance. 4 points QUESTION 9 1. It is necessary to retain information for two significant reasons: legal obligation and business needs. Data that occupies the class of ________________ is comprised of records that are required to support operations; the data included might be customer and vendor records. regulate d busines s tempor ary perman ent 4 points QUESTION 10 1. It is recommended that organizations retain information for the entire life of their existence because there is no guarantee of when it will be necessary to satisfy the purposes of legal obligations and business operations. True
False 4 points QUESTION 11 1. Because incidents can eventually become court cases, it is necessary that the actions of the IRT demonstrate due care , which requires steps or actions are taken to mitigate harm to another party. True False 4 points QUESTION 12 1. Consider this scenario: A company is notified that its servers have been compromised to be the point of departure to attack a host of other companies. The company then initiates an IRT, which is unable to locate the breach. The company then seeks the services of an outside firm that specializes in forensic analysis and intrusions. The outside firm locates the source of the breach and wants to monitor the actions of the intruder. However, the outside firm is informed by its internal legal counsel that the company does not agree with this course of action. Which of the following statements best captures the effectiveness of the company’s IRT policies? The IRT is completely ineffective because the firm it contracted is not cross-functional. The IRT is completely ineffective because the company didn’t agree with the firm’s recommendations. The IRT is moderately effective because a breach was found without seeking external counsel. The IRT is highly effective because it was activated quickly. 4 points QUESTION 13 1. In general, the IRT is comprised of a team with individuals that have different specialties; one such individual is the ___________________, who offers analytical skills and risk management. This specialist has focused forensic skills necessary for the collection and analysis of evidence.
You've reached the end of your free preview.
Want to read all 8 pages?
- Spring '17