CompTIA Security Plus Risk Management Part 5
RAM
A warrant has been issued to investigate a file server that is suspected to be part of an organized crime to steal credit card information. You are instructed to follow the order of volatility. Which data would you collect first?
Preventive
Each salesperson who travels has a cable lock to lock down their laptop when they step away from the device. Which of the following controls does this apply?
Single Loss Expectancy (SLE) × Annual Rate of Occurrence (ARO)
How do you calculate the annual loss expectancy (ALE) that may occur due to a threat?
Capture the system image and Take Hashes
In the initial stages of a forensics investigation, Zack, a security administrator, was given the hard drive of the compromised workstation by the incident manager. Which of the following data acquisition procedures would Zack need to perform in order to begin the analysis? (Choose two.)
Confidentiality and Integrity
Recently, company data that was sent over the Internet was intercepted and read by hackers. This damaged the company's reputation with its customers. You have been asked to implement a policy that will protect against these attacks. Which of the following options would you choose to help protect data that is sent over the Internet? (Choose two.)
Guidelines and enforcement
What should human resources personnel be trained in regarding security policies?
Personnel who promptly and correctly handle incidents so they can be quickly contained, investigated, and recovered from
Which of the following best describes a Computer Incident Response Team (CIRT)?
Pop-up blocker
Which of the following can help mitigate adware intrusions?
Account lockout threshold
Which of the following decreases the success of brute-force attacks?
Property and Life
Which of the following impact scenarios would include severe weather events? (Choose two.)
Data backups and Cable Locks
Which of the following is an example of a preventive control? (Choose two.)
Determine if the suspect is guilty based on the findings
Which of the following is not a basic concept of computer forensics?
RPO
Which of the following outlines a business goal for system restoration and allowable data loss?
Technical controls
Which of the following secures access to company data in agreement to management policies?
Business impact analysis
Which of the following would help build informed decisions regarding a specific DRP?
Transfer
You are a security administrator for your company and you identify a security risk that you do not have in-house skills to address. You decide to acquire contract resources. The contractor will be responsible for handling and managing this security risk. Which of the following type of risk response technique are you demonstrating?
MTBF
You are a server administrator for your company's private cloud. To provide service to employees, you are instructed to use reliable hard disks in the server to host a virtual environment. Which of the following best describes the reliability of hard drives?
Property
You are an IT manager and discovered your department had a break-in, and the company's computers were physically damaged. What type of impact best describes this situation?
Large amount of income loss during short downtime and Business contracts enduring no more than 8 hours of downtime
You are attending a meeting with your manager and he wants to validate the cost of a warm site versus a cold site. Which of the following reasons best justify the cost of a warm site? (Choose two.)
Single point of failure
You are replacing a number of devices with a mobile appliance that combines several functions. Which of the following describes the new implementation?
