TestOut ch 11

1) Backout plans 2) Test results 3) Impact analysis

Due to the introduction of security vulnerabilities during a previous change, company leadership wants reassurance that the vulnerabilities will not happen again. The IT department has made several changes to its change management plan. What are items the IT department would add to this plan? (Select three.)

Enforcing standardized baselines through configuration management tools

Upon receiving additional funding for the new quarter, a software team leader looks to acquire new automation and orchestration tools to enhance the IT department. What is NOT considered a benefit of automation and orchestration implementation for infrastructure management?

1) Vendors 2) Partners 3) Change Advisory Board (CAB)

Upon receiving the findings from a recent inspection, a senior technician must identify the various parties needed to implement change management solutions. Based on those impacted by the change, who are primary stakeholders within the change management spectrum? (Select three.)

Support tickets are automatically generated and routed for incidents detected by monitoring systems.

What advantages can automation and scripting bring to IT operations ticketing platforms?

SOPs outline regular operations or modifications and provide specific guidance for their execution.

What role do standard operating procedures (SOPs) play in the change management process of an organization's established change management program, which aims to guarantee consistent and effective implementation of changes?

Reducing the risk of human error

Which of the following is a benefit of infrastructure management automation?

Processor

Your organization is implementing a new data governance model. You are tasked with assigning roles to various team members. One of your colleagues is responsible for processing personal data on behalf of the controller, based on the controller's instructions. Which data governance role BEST fits this colleague's responsibilities?

1) Single point of failure 2) Cost 3) Technical debt

tech director evaluates the benefits of implementing automation and orchestration into the organization after receiving approval and funding notification for the annual budget. Knowing several benefits tied to automation, what challenges exist when managing automation? (Select three.)

By automating routine tasks, allowing cybersecurity personnel to focus on more complex, strategic issues.

A company has been experiencing issues with operator fatigue within the cybersecurity team, leading to decreased alertness and cognitive function. Considering different strategies to help combat this issue, how can automation and orchestration assist in addressing operator fatigue in security operations?

Incident response plan

A company merged with another company and is reviewing and combining both companies' procedures for incident response. What should the joined companies have at the end of this preparation phase?

Utilize automation and orchestration to improve documentation and maintenance of the code and integrations.

A cybersecurity analyst works in an organization with several legacy systems with undocumented code and poorly maintained integrations. How can the cybersecurity analyst address the technical debt associated with these legacy systems using automation and orchestration?

ISO/IEC 27001

A large multinational company adopts a new standard to enhance its information security management system. The company operates across different regions, so the chosen standard must be internationally recognized. The company wants the standard to provide a comprehensive framework to ensure adequate and proportionate security controls. Which of the following standards would be MOST suitable for the company's needs?

1) Establish a redundant data center 2) Implement a detailed incident response plan

A large technology company has recently experienced a significant system failure due to a cyberattack. The chief information security officer (CISO) is conducting a post-incident review to identify ways to improve the organization's resilience and recovery capabilities. The CISO wants to focus on strategies that could have prevented the system downtime or minimized its duration and impact. From a resilience and recovery standpoint in security architecture and continuity of operations planning (COOP), which of the following strategies would the CISO MOST likely recommend implementing to enhance the organization's ability to prevent or quickly recover from similar incidents in the future? (Select two.)

Governance committee

A multinational company discovered its existing cybersecurity policies were no longer adequate due to evolving cybersecurity threats and updated industry regulations. The board of directors, comprising high-ranking executives, decided to review and revise the policies. Who should the company involve in this process?

Decentralized security governance

A nationwide company realizes its current standardized approach to security is not working. The different company business units need more autonomy and the ability to make decisions that meet their local needs and priorities. What type of security governance should they follow?

Identify

A newly hired chief information security officer (CISO) is implementing the National Institute of Standards and Technology (NIST) Cybersecurity Framework. What first function would help the CISO better develop the company's security policies, such as acceptable use policy (AUP), and build out recommendations for security controls?

Establish a COOP.

A nonprofit organization is working to create an integrated strategy that responds to potential disasters and ensures the continuation of essential functions across various scenarios, including budget constraints and prolonged disruptions. Which approach would BEST address these multifaceted requirements?

It enforces policies in computer systems and networks.

A recently breached company tasks the cyber team to further restrict end-user permissions. What describes the use of an application allow list?

Backout plan

A software patch was inadvertently pushed out early, during the middle of the workday, and has brought business to a halt. The chief executive officer (CEO) demands that the systems return to full operations immediately. What part of the change plan will assist in this task?

Continuous integration and testing

A tech department evaluates the benefits of automation and scripting after recently acquiring new funding. What capability within automation and scripting allows developers to regularly merge their changes back to the main code branch and evaluate each merge automatically to help detect and fix integration problems?

Workforce multiplier

A third-party escalation team participates in a newly contracted project with numerous cyber teams. Being unfamiliar with cyberspace, the escalation team struggles to understand concepts and naming conventions. What is automation and orchestration also known as?

1) Team leader 2) Project manager

After receiving the annual audit results from the Inspector General's office, a cyber specialist begins identifying points of contact to implement change management on numerous flagged processes. Understanding the various positions tied to change management, which roles would normally have ownership in the change management process? (Select two.)

Assessing, approving, and managing changes in the IT infrastructure

An educational institution plans to transition from a traditional to a digital learning system. The school's administration has assembled a Change Management Board (CMB) to ensure smooth and secure execution. Within the scope of this educational institution's digital transformation project, what would be the primary role of the CMB?

1) Guides the development of effective backout plans and downtime contingencies. 2) Helps avoid unintended outages and disruptions during service restarts or downtime events. 3) Supports the development of post-change performance monitoring to validate system functionality and quickly detect issues.

An organization frequently implements changes, reconfigurations, and patches to enhance its IT infrastructure's security and efficiency. The cybersecurity analyst must carefully analyze dependencies between services, applications, and interfaces to avoid unintended outages and disruptions during service restarts or downtime events. How does understanding dependencies impact the change management process? (Select the three best options.)

Automation and orchestration enable repetitive tasks to be performed quickly and consistently, minimizing human error.

As a Security Operations Center (SOC) analyst for a large financial institution that deals with high volumes of alerts and potential threats, what crucial benefit does implementing automation and orchestration in security operations provide?

Implement password salting

As a security analyst at a large corporation, you are tasked with reviewing and improving the company's password security measures. Currently, the company uses a simple hashing algorithm to store passwords. You are considering four options to enhance password security. Which of the following would be the MOST effective method to implement?

Improve session management

As a security manager at a financial institution, you are reviewing the company's access control measures. You have identified potential areas of improvement and are considering four options to enhance access control security. Which of the following would be the MOST effective method to implement?

By enabling and disabling services, modifying access rights, and maintaining the lifecycle of IT resources.

In an IT environment, automation and scripting play a critical role in managing services and access. How does automation assist security analysts in their daily tasks?

1) Diagrams, 2) Important data, 3) Code

Change management is not just for implementing software updates or hardware changes. For example, version control refers to capturing changes made to important documents a company needs. What are some documents that would utilize version control? (Select three.)

Schedule the upgrade during nonworking hours to reduce the impact on users.

The organization is implementing a significant software upgrade that necessitates application restarts. How can the cybersecurity analyst ensure a smooth transition without causing extended downtime?