1 out of 1 points
A CSIRT model that is effective for large organizations and for organizations with major
computing resources at distant locations is the ____.
Selected Answer:
Correct distributed CSIRT
Correct Answer:
Correct distributed CSIRT
Question 2
0 out of 1 points
The first group to communicate the CSIRT's vision and operational plan is the managerial team
or individual serving as the ____.
Selected Answer:
Incorrect technical lead
Correct Answer:
Correct champion
Question 3
1 out of 1 points
Those services performed in response to a request or a defined event such as a help desk alert are
called ____.
Selected Answer:
Correct reactive services
Correct Answer:
Correct Honeypots
Correct Answer:
Correct Honeypots
Question 10
1 out of 1 points
Using a process known as ____, network-based IDPSs look for attack patterns by comparing
measured activity to known signatures in their knowledge base to determine whether or not an
attack has occurred or may be under way.
Selected Answer:
Correct signature matching
Correct Answer:
Correct signature matching
Question 11
1 out of 1 points
In an attack known as ____, valid protocol packets exploit poorly configured DNS servers to
inject false information to corrupt the server's answers to routine DNS queries from other
systems on that network.
Selected Answer:
Correct DNS cache poisoning
Correct Answer:
Correct DNS cache poisoning
Question 12
1 out of 1 points
The use of IDPS sensors and analysis systems can be quite complex. One very common
approach is to use an open source software program called ____ running on an open source
UNIX or Linux system that can be managed and queried from a desktop computer using a client
interface.
Selected Answer:
Correct Snort
Correct Answer:
Correct Snort
Question 13
1 out of 1 points
The ____ approach for detecting intrusions is based on the frequency with which certain network
activities take place.
Selected Answer:
Correct anomaly-based IDPS
Correct Answer:
Correct anomaly-based IDPS
Question 14
1 out of 1 points
A(n) ____, a type of IDPS that is similar to the NIDPS, reviews the log files generated by
servers, network devices, and even other IDPSs.
Selected Answer:
Correct log file monitor
Correct Answer:
Question 24
1 out of 1 points
Some recovery strategies seek to improve the ____ of a server or system in addition to, or instead
of, performing backups of data.
Selected Answer:
Correct robustness
Correct Answer:
Correct robustness
Question 25
1 out of 1 points
The ____ is used to collect information directly from the end users and business managers.
Selected Answer:
Correct facilitated data-gathering session
Correct Answer:
Correct facilitated data-gathering session
Question 26
1 out of 1 points
The purpose of the ____ is to define the scope of the CP operations and establish managerial
intent with regard to timetables for response to incidents, recovery from disasters, and
reestablishment of operations for continuity.
Selected Answer:
Correct contingency planning policy
Correct Answer:
____ is the process of systematically examining information assets for evidentiary material that
can provide insight into how an incident transpired.
Selected Answer:
Correct Forensics analysis
Correct Answer:
Correct Forensics analysis
Question 39
1 out of 1 points
A favorite pastime of information security professionals is ____, which is a simulation of attack
and defense activities using realistic networks and information systems.
Selected Answer:
Correct war gaming
Correct Answer:
Correct war gaming
Question 40
1 out of 1 points
Should an incident begin to escalate, the CSIRT team leader continues to add resources and skill
sets as necessary to attempt to contain and terminate the incident. The resulting team is called the
____ for this particular incident.
Selected Answer:
Correct reaction force
Correct Answer:
Correct reaction force
Question 41
1 out of 1 points
General users require training on the technical details of how to do their jobs securely, including
good security practices, ____ management, specialized access controls, and violation reporting.
Selected Answer:
Correct password
Correct Answer:
Correct password
Question 42
1 out of 1 points
The ____ illustrates the most critical characteristics of information and has been the industry
standard for computer security since the development of the mainframe.
Selected Answer:
Correct C.I.A. triangle
Correct Answer:
Correct C.I.A. triangle
Question 43
1 out of 1 points
____ assigns a risk rating or score to each information asset. Although this number does not
mean anything in absolute terms, it is useful in gauging the relative risk to each vulnerable
information asset and facilitates the development of comparative ratings later in the risk control
process.
Selected Answer:
A ____ is a document that describes how, in the event of a disaster, critical business functions
continue at an alternate location while the organization recovers its ability to function at the
primary site.
Selected Answer:
Correct business continuity plan
Correct Answer:
Correct business continuity plan
Question 47
1 out of 1 points
A(n) ____ is an object, person, or other entity that is a potential risk of loss to an asset.
Selected Answer:
Correct threat
Correct Answer:
Correct threat
Question 48
1 out of 1 points
A(n) ____ is used to anticipate, react to, and recover from events that threaten the security of
information and information assets in an organization; it is also used to restore the organization
to normal modes of business operations.
Selected Answer:
Correct contingency plan
Correct Answer:
Correct contingency plan
Question 49
1 out of 1 points
Information assets have ____ when they are not exposed (while being stored, processed, or
transmitted) to corruption, damage, destruction, or other disruption of their authentic states.
Selected Answer:
Correct integrity
Correct Answer:
Correct integrity
Question 50
1 out of 1 points
____ hack systems to conduct terrorist activities through network or Internet pathways.
Selected Answer:
Correct Cyberterrorists
Correct Answer:
Correct Cyberterrorists