Question

1. Which of the following principles describes how a security analyst should communicate during an incident?
A. The communication should be limited to trusted parties only.
B. The communication should be limited to security staff only.
C. The communication should come from law enforcement.
D. The communication should be limited to management only.

 

Answer #1

1. Which of the following principles describes how a security analyst should communicate during an incident?

Answer:

A. The communication should be limited to trusted parties only.

Explanation:

During a security breach, it is best to limit communication to trusted parties because these parties could also be in charge of taking decisions; thus, communicating the issue to any other party could delay remedial measures. This is especially effective in the case of a large attack and where you'd want to eliminate any involvement of hostile parties.

Why the other options don't fit:
B. The communication should be limited to security staff only.

Explanation

Security staff could be involved for smaller threats, deciding on this based on the magnitude of the threat, but often it is better to limit communication to trusted parties.


C. The communication should come from law enforcement.

Explanation

In the case of a breach which results in litigation or legal proceedings, after the authorities and related offices/departments are notified, the analyst could wait for communication from law enforcement.


D. The communication should be limited to management only.

Explanation

At times, certain other departments could be stakeholders, and thus limiting communication only to management would prove inefficient.
