Question


1. Which of the following principles describes how a security analyst should communicate during an incident?
A. The communication should be limited to trusted parties only.
B. The communication should be limited to security staff only.
C. The communication should come from law enforcement.
D. The communication should be limited to management only.

 

✔ Recommended Answer
Answer #1

1. Which of the following principles describes how a security analyst should communicate during an incident?

Answer:

A. The communication should be limited to trusted parties only.

Explanation:

During a security breach it is best to limit communication to trusted parties because these parties could also be in charge of taking decisions; thus, communicating the issue to any other party could delay remedial measures. This is especially effective in the case of a large attack and where you'd want to eliminate any involvement of hostile parties.

Why the other options don't fit:
B. The communication should be limited to security staff only.

Explanation

Security staff could be involved for smaller threats, deciding on this based on the magnitude of the threat, but often it is better to limit communication to trusted parties.


C. The communication should come from law enforcement.

Explanation

In the case of a breach which results in litigation or legal proceedings, after the authorities and related offices/departments are notified, the analyst could wait for communication from law enforcement.


D. The communication should be limited to management only.

Explanation

At times certain other departments could be stakeholders and thus limiting communication only to management would prove inefficient.
