91%(312)285 out of 312 people found this document helpful
This preview shows page 13 - 17 out of 17 pages.
Question 391 out of 1 points
When an organization completely outsources its IR work, typically to an on-site contractor, it is called a(n) ____ model.Question 401 out of 1 pointsThe champion for the CSIRT may be the same person as the champion for the entire IR function—typically, the ____.Question 410 out of 1 pointsA CSIRT model that is effective for large organizations and for organizations with major computing resources at distant locations is the ____.Question 421 out of 1 points
The announcement of an operational CSIRT should minimally include ____.AnswerSelected Answer:Question 431 out of 1 pointsA key step in the ____ approach to incident response is to discover the identify of the intruder while documenting his or her activity.Question 441 out of 1 pointsUsing a process known as ____, network-based IDPSs look for attack patterns by comparing measured activity to known signatures in their knowledge base to determine whether or not an attack has occurred or may be under way.Question 451 out of 1 points
The ____ is a federal law that creates a general prohibition on the realtime monitoring oftraffic data relating to communications.Question 461 out of 1 pointsThe ____ approach for detecting intrusions is based on the frequency with which certainnetwork activities take place.Question 471 out of 1 pointsA(n) ____ , a type of IDPS that is similar to the NIDPS, reviews the log files generated by servers, network devices, and even other IDPSs.Question 481 out of 1 points
____ are closely monitored network decoys serving that can distract adversaries from more valuable machines on a network; can provide early warning about new attack and exploitation trends; and can allow in-depth examination of adversaries during and after exploitation.Question 491 out of 1 pointsIn an attack known as ____, valid protocol packets exploit poorly configured DNS servers to inject false information to corrupt the servers’ answers to routine DNS queriesfrom other systems on that network.Question 501 out of 1 pointsA(n) ____ is the set of rules and configuration guidelines governing the implementation and operation of IDPSs within the organization.