This chapter covers a wide range of related topics—from monitoring and auditing networks to identifying and handling incidents. Understanding your network’s current state and its ability to recover from incidents is an important skill for technicians and management.
It isn’t enough to simply sample performance data. You need a deep enough understanding of your network’s normal operation to recognize when things aren’t right, and well-thought-out plans to follow when that happens. Restoring normal operation demands both the awareness to identify abnormal behavior and plans to react to it.
Which of the following was first released in 2014 in response to a U.S. Presidential Executive Order calling for increased cybersecurity?
NIST CSF
ISO 27002
ITIL
COSO
Which of the following uses business rules to classify sensitive information to prevent unauthorized end users from sharing information?
DLP
IDS
Logging
Clipping
Which of the following is a type of wireless encryption you should not use on a wireless network due to its lack of security?
WPA
IPSEC
PPP
WEP
What type of error triggers an alert when a threat really doesn’t exist?
False negative
True negative
False positive
True positive
What configuration setting can you adjust to avoid Type I errors?
Clipping level
Heuristic ruleset
Encryption technique
Logging level
Which industry standard requires that organizations keep logs for at least one year?
HIPAA
SOX
NIST
PCI DSS
What management software provides a common platform to capture and analyze log entries?
ERP
SIEM
Monitor
HIDS
Which of the following is any action that results in a violation of, or threatened violation of, the security policy?
Event
Threat
Vulnerability
Incident
What is the first step in properly responding to an incident?
Identification
Containment
Eradication
Communication
What type of plan defines how an organization would respond to a power outage that lasts two days?
BIA
BCP
DRP
IPS
What type of plan defines how an organization would respond to a fire that destroys the building housing the organization’s data center?
BIA
BCP
DRP
IPS
Which activity identifies processes that are critical to a business’s ability to carry out its core operations?
BIA
BCP
DRP
IPS
BCP stands for:
Business continuity planning
Business career planning
Business continuity policy
Business continuity practices
DRP stands for:
Disaster recovery planning
Disaster recovery procedures
Design recommendation policy
Design review policy
An organization must choose between BCP and DRP as an approach for dealing with unplanned events affecting their telecommunications infrastructure.
True
False