56%(36)20 out of 36 people found this document helpful
This preview shows page 8 - 11 out of 11 pages.
QUESTION 261.Refer to the previous question for the scenario summary. After Christine has completed creating a backup copy of the main database server,Raj moves the server to a newly created VLAN and creates an ACL that limitstraffic to and from the server to only the most necessary, but leaves the system available on the network. He disables access for the suspicious account and works with Christine to identify potentially missing patches and attempts to identify and remove any malware or unauthorized programs. What incident handling step is Raj preforming?Short-term ContainmentAnaylisisTriageLong-term
Containment2.00000 points QUESTION 271.From the steps Raj took in the last question, we can infer that the system is a mission critical system and cannot be taken off line.2.00000 points QUESTION 281.Continuing with our example above, the incident team has decided to interview several employees. Because he is a trained and experienced interviewer, Tom conducts interviews of the database administrators and system administrators. The purpose of the interview process is to:2.00000 points QUESTION 291.After examining log files, conducting interviews, and inspecting the database server, firewall, and web server, the team concludes that Widgets, Inc. has suffered a breech and was most likely a victim of a SQL injection attack. Reconstructing the attack is part of what phase of incident respones?2.00000 points QUESTION 301.The Widgets, Inc. Incident Response team has made a final report on the incident to the CISO and board of directors. The board is concerned that this vulnerability was not detected earlier and has decided to engage a third
party firm to determine if the company web developers are following the company's software developmentand testing policies. What is the board requesting?a vulnerability assesmentA penetration testAn internal auditAn external audit2.00000 points QUESTION 311.A stateful packet inspection firewall checks a packet arriving from the Internet and determines that it is not part of a previously approved connection, it then drops the packet.2.00000 points QUESTION 321.Data exists in only two states, it is either at restor in transit.2.00000 points QUESTION 331.Personally Identifiable Information (PII) may need special handling compared to other data because of:2.00000 points QUESTION 34
1.Quality Assurance and Quality Control are import functions in the Monitor, Evaluate, and Asses stage of the ISS life cycle and are forms of what?External AuditSelf AssesmentRegulatory AuditInternal Audit