suspicious account and works with Christine to identify potentially missing patches and attempts to identify and remove any malware or unauthorized programs. What incident handling step is Raj preforming?
AnaylisisShort-term ContainmentTriageLong-term Containment2 points QUESTION 271.From the steps Raj took in the last question, we can infer that the system is a missioncritical system and cannot be taken off line.TrueFalse2 points QUESTION 281.Continuing with our example above, the incident team has decided to interview several employees. Because he is a trained and experienced interviewer, Tom conducts interviews of the database administrators and system administrators. The purpose of the interview process is to:Determine Policy ComplianceIdentify insufficient ControlsIdentify SuspectsCollect Evidence2 points QUESTION 291.After examining log files, conducting interviews, and inspecting the database server, firewall, and web server, the team concludes that Widgets, Inc. has suffered a breech and was most likely a victim of a SQL injection attack. Reconstructing the attack is part of what phase of incident respones?AnylisisRecoveryInvestigationTriage2 points QUESTION 301.The Widgets, Inc. Incident Response team has made a final report on the incident to the CISO and board of directors. The board is concerned that this vulnerability was not
detected earlier and has decided to engage a third party firm to determine if the company web developers are following the company's software development and testing policies. What is the board requesting?An internal audita vulnerability assesmentAn external auditA penetration test2 points QUESTION 311.A stateful packet inspection firewall checks a packet arriving from the Internet and determines that it is not part of a previously approved connection, it then drops the packet.TrueFalse2 points QUESTION 321.Data exists in only two states, it is either at restor in transit.TrueFalse2 points QUESTION 331.Personally Identifiable Information (PII) may need special handling compared to other data because of:Business ProcessesLegal RequirementsDue ProcessBest Practices2 points QUESTION 341.Quality Assurance and Quality Control are import functions in the Monitor, Evaluate, and Asses stage of the ISS life cycle and are forms of what?Regulatory AuditInternal AuditExternal Audit
You've reached the end of your free preview.
Want to read all 11 pages?
- Winter '18