3 Months Free Update
A continuously updated CMDB is an output of which NIST function and category?
The network security team in your company has discovered a threat that leaked partial data on a compromised file server that handles sensitive information. Containment must be initiated and addressed by the CSIRT.
Service disruption is not a concern because this server is used only to store files and does not hold any critical workload. Your company security policy requires that all forensic information must be preserved.
Which actions should you take to stop data leakage and comply with requirements of the company security policy?
A security engineer is responsible for monitoring company software, firmware, system OS, and applications for known vulnerabilities. How should they stay current on exploits and information security?
What should an organization use to effectively mitigate against password sharing to prevent unauthorized access to systems?
What is a consideration when performing data collection in Information Security Continuous Monitoring?
You need to review your current security baseline policy for your company and determine which security controls need to be applied to the baseline and what changes have occurred since the last update.
Which category addresses this need?
A company implemented an intrusion detection system. They notice the system generates a very large number of false alarms.
What steps should the company take to rectify this situation?
What determines the technical controls used to restrict access to USB devices and help prevent their use within a company?
What is the primary objective of establishing governance and risk management processes for an organization?
A company suffers a data breach and determines that the threat actors stole or compromised 10,000 user profiles. The company had planned for such a breach and determined the loss would be around $2 million.
Soon after restoration, the company stock suffered a 30% drop and the loss was nearly $20 million. In addition, the company received negative press.
Which area of risk did the business forget to account for?
What is concerned with availability, reliability, and recoverability of business processes and functions?