Which of the following incident recovery testing methods works by creating a mock disaster, like a fire, to identify the reaction of the procedures that are implemented to handle such situations?
The service organization that provides 24x7 computer security incident response services to any user, company, government agency, or organization is known as:
One of the goals of CSIRT is to manage security problems by taking a certain approach towards the customers’ security vulnerabilities and by responding effectively to potential information security incidents. Identify the incident response approach that focuses on developing the infrastructure and security processes before the occurrence or detection of an event or any incident:
Computer viruses are malicious software programs that infect computers and corrupt or delete the data on them. Identify the virus type that specifically infects Microsoft Word files:
Incidents are reported in order to:
An assault on system security that is derived from an intelligent threat is called:
Which of the following can be considered synonymous:
In a qualitative risk analysis, risk is calculated in terms of:
A malware code that infects computer files, corrupts or deletes the data in them and requires a host file to propagate is called:
The policy that defines which set of events needs to be logged in order to capture and review the important data in a timely manner is known as:
An audit trail policy collects all audit trails, such as a series of records of computer events about an operating system, application or user activities. Which of the following statements is NOT true for an audit trail policy:
Incident Response Plan requires
________________ attach(es) to files
A spyware tool used to record a malicious user’s computer activities and keyboard strokes is called:
The insider risk matrix consists of technical literacy and business process knowledge vectors. Considering the matrix, one can conclude that:
The ability of an agency to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a solid backup and recovery strategy is known as:
The open source TCP/IP network intrusion prevention and detection system (IDS/IPS) that uses a rule-driven language and performs real-time traffic analysis and packet logging is known as:
Overall Likelihood rating of a Threat to Exploit a Vulnerability is driven by:
Ensuring the integrity, confidentiality and availability of electronic protected health information of a patient is known as:
ADAM, an employee from a multinational company, uses his company’s accounts to send e-mails to a third party with their spoofed mail address. How can you categorize this type of account?
An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization’s incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would you categorize such information security incident?
Business Continuity planning includes other plans such as:
The program that helps to train people to be better prepared to respond to emergency situations in their communities is known as:
In the NIST risk assessment methodology, the process of identifying the boundaries of an IT system along with the resources and information that constitute the system is known as: