Blog

Which step of the incident response methodology might include actions such as disconnecting the compromised area from the network, isolating the source of the attack, disconnecting the affected computer(s) in order to perform further investigation, or terminating unwanted connections or processes on affected machines?

True or False? A policy is a means of implementing a control, such as a way to prevent or detect a specific type of security breach.

True or False? The lack of a consistent configuration is a problem that arises when similar technologies are used in different ways by different lines of business.

Aditya is a security professional. He needs to inform employees of recent changes to the organization’s security policy, but is short on time, so Alice is helping him temporarily. Alice is a trainer but is not familiar with messaging. Which of the following would be bad advice for Alice?

Organizations that offer remote access should have strong perimeter security solutions, such as authentication software and a(n) __________ that provides a barrier to traffic crossing the network’s perimeter and permits only authorized traffic.

True or False? During an incident, the incident response team (IRT) legal representative can help facilitate communication with law enforcement.

True or False? Under the proportionality principle, a common core security principle, security levels, costs, practices, and procedures are appropriate and proportionate to the degree of reliance on the system and the value of the data.

In the lab, you used __________ to implement the organization’s password policy.

All of the following are true of anomaly-based intrusion detection systems (IDSs), except:

True or False? A brown bag session provides a nonthreatening forum for the chief information security officer (CISO) to connect with various levels within the organization.