100%(7)7 out of 7 people found this document helpful
This preview shows page 7 - 11 out of 13 pages.
Question 291 out of 1 pointsThe ____ flow of information needed from the CSIRT to organizational and IT/InfoSec management is a critical communication requirement.
Question 301 out of 1 pointsA CSIRT model that is effective for large organizations and for organizations with major computing resources at distant locations is the ____.Question 311 out of 1 pointsThe first group to communicate the CSIRT’s vision and operational plan is the managerial team or individual serving as the ____.Question 321 out of 1 pointsWhen an organization completely outsources its IR work, typically to an on-site contractor, it is called a(n) ____ model.Question 331 out of 1 pointsThe organization must first understand what skills are needed to effectively respond to an incident. If necessary, management must determine if it is willing to acquire needed ____ to fill in the gaps.Question 341 out of 1 points____ is the risk control approach that attempts to reduce the impact caused by the
exploitation of vulnerability through planning and preparation.Question 351 out of 1 pointsInformation assets have ____ when they are not exposed (while being stored, processed, or transmitted) to corruption, damage, destruction, or other disruption of their authentic states.Question 361 out of 1 points____ (sometimes referred to as avoidance) is the risk control strategy that attempts to prevent the exploitation of a vulnerability.Question 371 out of 1 pointsA ____ attack seeks to deny legitimate users access to services by either tying up aserver’s available resources or causing it to shut down.Question 381 out of 1 pointsA(n) ____ is an object, person, or other entity that is a potential risk of loss to an asset.
Question 391 out of 1 points____ assigns a risk rating or score to each information asset. Although this number does not mean anything in absolute terms, it is useful in gauging the relative risk to each vulnerable information asset and facilitates the development of comparative ratings later in the risk control process.