Practice Questions 145-150 Flashcards
Your organization includes a software development division within the IT department. One developer writes and maintains applications for the Payroll department. Once a year, they have to switch roles for at least a month. What is the purpose of this practice?
A. To enforce a separation of duty policy
B. To enforce a mandatory vacation policy
C. To enforce a job rotation
D. To enforce an acceptable use policy.
A job rotation policy is in place so that employees must rotate into different jobs; it is designed to reduce potential incidents.
Your organization is considering storage of sensitive data with a cloud provider. Your organization wants to ensure the data is encrypted while at rest and while in transit. Which type of interoperability agreement can your organization use to ensure the data is encrypted while in transit?
A. SLA
B. BPA
C. MOU
D. ISA
An interconnection security agreement (ISA) specifies technical and security requirements for secure connections and can ensure data is encrypted while in transit.
You work as a help-desk professional in a large organization. You have begun to receive an extraordinary number of calls from employees related to malware. Using common incident response procedures, which should be your FIRST response?
A. Preparation
B. Identification
C. Eradication
D. Recovery
The first response is incident identification. Everything else comes after it.
An incident response team is following typical incident response procedures. Which phase is the BEST choice for analyzing an incident with the goal of identifying steps to prevent a recurrence of the incident?
A. Preparation
B. Identification
C. Eradication
D. Lessons learned
You should analyze an incident during the lessons learned phase of incident response with the goal of identifying steps to prevent a recurrence.
You are helping your organization create a security policy for incident response. Which is the BEST choice to include when an incident requires confiscation of a physical asset?
A. Ensure hashes are taken first.
B. Ensure witnesses sign an AUP.
C. Maintain the order of volatility.
D. Keep a record of everyone who took possession of the physical asset.
It is important to keep a chain of custody for any confiscated item; the chain of custody is a record of everyone who took possession of the asset after it was first confiscated.
Security personnel confiscated a user's workstation after a security incident. Administrators removed the hard drive for forensic analysis, but left it unattended for several hours before capturing an image. Which of the following could prevent the company from taking the employee to court over this incident?
A. Witnesses were not identified.
B. A chain of custody was not maintained.
C. An order of volatility was not maintained.
D. A hard drive analysis was not completed.
A chain of custody was not maintained, because the hard drive was left unattended for several hours before an image was captured.