Which of the following is BEST carried out immediately after a security breach is discovered?
A. Risk transference
B. Access control revalidation
C. Change management
D. Incident management
CompTIA exam questions
Which of the following is BEST carried out immediately after a security breach is discovered?
A. Risk transference
B. Access control revalidation
C. Change management
D. Incident management
An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?
A. User rights reviews
B. Least privilege and job rotation
C. Change management
D. Change Control
The system administrator has deployed updated security controls for the network to limit risk of attack. The security manager is concerned that controls continue to function as intended to maintain appropriate security posture.
Which of the following risk mitigation strategies is MOST important to the security manager?
A. User permissions
B. Policy enforcement
C. Routine audits
D. Change management
Key elements of a business impact analysis should include which of the following tasks?
A. Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes.
B. Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates.
C. Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management.
D. Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.
After an audit, it was discovered that an account was not disabled in a timely manner after an employee has departed from the organization. Which of the following did the organization fail to properly implement?
A. Routine account audits
B. Account management processes
C. Change management processes
D. User rights and permission reviews
The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity?
A. Application hardening
B. Application firewall review
C. Application change management
D. Application patch management
A systems administrator has made several unauthorized changes to the server cluster that resulted in a major outage. This event has been brought to the attention of the Chief Information Office (CIO) and he has requested immediately implement a risk mitigation strategy to prevent this type of event from reoccurring. Which of the following would be the BEST risk mitigation strategy to implement in order to meet this request?
A. Asset Management
B. Change Management
C. Configuration Management
D. Incident Management
Requiring technicians to report spyware infections is a step in which of the following?
A. Routine audits
B. Change management
C. Incident management
D. Clean desk policy
The security administrator is currently unaware of an incident that occurred a week ago. Which of the following will ensure the administrator is notified in a timely manner in the future?
A. User permissions reviews
B. Incident response team
C. Change management
D. Routine auditing
An administrator reassigns a laptop to a different user in the company. Upon delivering the laptop to the new user, the administrator documents the new location, the user of the device and when the device was reassigned. Which of the following BEST describes these actions?
A. Network map
B. Asset management
C. Change management
D. Baselines