During a table top exercise, it is determined that a security analyst is required to ensure patching and scan reports are available during an incident, as well as documentation of all critical systems. To which of the following stakeholders should the analyst provide the reports?
A Management
B Affected Vendors
C Security Operations
D Legal
He must provide the reports to security operatiobs.
##That is all about your answer........please uvote my answer.......please.........
During a table top exercise, it is determined that a security analyst is required to ensure...
156. A cybersecurity analyst is hired to review the security posture of a company. The cybersecurity analyst notices a very high network bandwidth consumption due to SYN floods from a small number of IP addresses. Which of the following would be the BEST action to take to support incident response? A. Increase the company's bandwidth. B. Apply ingress filters at the routers. C. Install a packet capturing tool. D. Block all SYN packets. My guess: B _______________________________________ 161. The security...
A hospital’s security team recently determined its network was breached and patient data was accessed by an external entity. The Chief Information Security Officer (CISO) of the hospital approaches the executive management team with this information, reports the vulnerability that led to the breach has already been remediated, and explains the team is continuing to follow the appropriate incident response plan. The executive team is concerned about the hospital’s brand reputation and asks the CISO when the incident should be...
376. A security analyst receives a mobile device with symptoms of a virus infection. The virus is morphing whenever it is from sandbox to sandbox to analyze. Which of the following will help to identify the number of variations through the analysis life cycle? A. Journaling B. Hashing utilities C. Log viewers D. OS and process analysis My guess: C Other’s answer: D __________________________________________________ 378. Which of the following BEST describes why vulnerabilities found in ICS and SCADA can be...
Below is an article, Please summarize it in your own words. 2-3 paragraphs! COMMUNICATION PLAN The SOC should have a standard communication plan above and beyond what we have already talked about in daily operational management calls or critical bridges. This communication plan should detail all the different scenarios where distinc- tive people should be contacted and what their contact information is when specific events or incidents occur. Organizations should work hard to establish the best IR communication plan as...
The discussion: 150 -200 words. Auditing We know that computer security audits are important in business. However, let’s think about the types of audits that need to be performed and the frequency of these audits. Create a timeline that occurs during the fiscal year of audits that should occur and “who” should conduct the audits? Are they internal individuals, system administrators, internal accountants, external accountants, or others? Let me start you: (my timeline is wrong but you should use some...
Case 9.3 Airbag Adversity Insufficient quality management during product development, launch, and production can lead to subsequent costly projects and programs to rectify problems. This is especially true when safety-critical items are involved. The 2015 global recall of a large variety of automobile makes, which affected millions of owners, is such as case. The massive recall was related to potentially defective airbags used by auto manufacturers following reports that the airbags had inflators that could explode and expel metal and...
Which role has the PRIMARY responsibility for the documentation of control implementation? Systems security engineer Control assessor Information System Owner (ISO) Information Owner/Steward When making determinations regarding the adequacy of common controls for their respective systems, Information System Owner (ISO) refer to the Common Control Providers’ (CCP) Privacy Impact Assessment (PIA) Business Impact Analysis (BIA) Authorization Packages Vulnerability Scans An organization-wide approach to identifying common controls early in the Risk Management Framework (RMF) process does which of the following? Considers...
!!!Only Project 2 need to be answered!!! Project Report 1 Once the business case has been approved, you need to make a project plan showing each task. Assume you are a project manager to lead your team to acquire an additional delivery van for the company. Please find the details below. The current month is January. Activity (What is to be done?) Objective (Why will we do it?) Resources (Where will it be done?) Procedures (How will it be done?)...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...
A new version of the operating system is being planned for installation into your department’s production environment. What sort of testing would you recommend is done before your department goes live with the new version? Identify each type of testing and describe what is tested. Explain the rationale for performing each type of testing. [ your answer goes here ] Would the amount of testing and types of testing to be done be different if you were installing a security...