1. After a merger,it was determined that several individuals could perform the tasks of a network administrator in the merged organization. Which of the following should have been performed to ensure that employees have proper access?
A) Periodic auditing of user credentials
B) User rights and permission review
C) Time-of-day restrictions
D) Change management
2. An active/passive configuration has an impact on:
A) integrity
B) availability
C) non-repudiation
D) confidentiality
3. A CSIRT has completed restoration procedures related to a breach of sensitive data is creating documentation used to improve the organization - s security posture. The team has been specifically tasked to address logical controls in their suggestions. Which of the following would be MOST beneficial to include in lessons learned documentation? (Choose two.)(Select 2answers)
A) A list of potential improvements to the organization - s NAC capabilities,which would improve AAA within the environment
B) A summary of the activities performed during each phase of the incident response activity
C) A list of topics that should be added to the organization - s security awareness training program based on weaknesses exploited during the attack
D) A list of policies,which should be revised to provide better clarity to employees regarding acceptable use
E) Data from the organization - s IDS/IPS tools,which show the timeline of the breach and the activities executed by the attacker
F) Recommendations relating to improved log correlation and alerting tools
4. A member of the human resources department received the following email message after sending an email containing benefit and tax information to a candidate: - Your message has been quarantined for the following policy violation: external potential_PII. Please contact the IT security administrator for further details. Which of the following BEST describes why this message was received?
A) The company firewall blocked the recipient - s IP address.
B) The mail gateway prevented the message from being sent to personal email addresses.
C) The DLP system flagged the message.
D) The file integrity check failed for the attached files.
5. A group of non-profit agencies wants to implement a cloud service to share resources with each other and minimize costs. Which of the following cloud deployment models BEST describes this type of effort?
A) Public
B) Community
C) Hybrid
D) Private
Write a public review