redo 14

Question 1

to configure confidentiality rules and policies, log incidents, and compile reports.

Answer 1

policy server

Question 2

to enforce policy on client computers, even when they are not connected to the network.

Answer 2

endpoint agents

Question 3

to scan communications at network borders and interface with web and messaging servers to enforce policy.

Answer 3

network agents

Question 4

sets out procedures and guidelines for dealing with security incidents

Answer 4

incident response policy

Question 5

making the system resilient to attack in the first place

Answer 5

preparation

Question 6

determining whether an incident has taken place and assessing how severe it might be, followed by notification of the incident to stakeholders.

Answer 6

detection and analysis

Question 7

limiting the scope and magnitude of the incident

Answer 7

containment , eradication, recovery

Question 8

analyzing the incident and responses to identify whether procedures or systems could be improved

Answer 8

post incident activity

Question 9

is any event that breaches security policy

Answer 9

incident

Question 10

Larger organizations will provide a dedicated ____________________ as a single point-of-contact for security incidents

Answer 10

Computer Security Incident Response Team (CSIRT)

Question 11

__________________ means that the evidence cannot be seen with the naked eye; rather, it must be interpreted using a machine or process.

Answer 11

Latent

Question 12

___ products scan content in structured formats, such as a database with a formal access control model, or unstructured formats, such as email or word processing documents

Answer 12

DLP