100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CSIA 310 Week 1 Incident Handling Questions & Answers 100% Verified $15.49   Add to cart

Exam (elaborations)

CSIA 310 Week 1 Incident Handling Questions & Answers 100% Verified

 5 views  0 purchase
  • Course
  • CSIA
  • Institution
  • CSIA

CSIA 310 Week 1 Incident Handling Questions & Answers 100% Verified FISMA - Correct Answer-The Federal Information Security Management Act (FISMA) requires Federal agencies to establish incident response capabilities Point of contact requirement - Correct Answer-Each Federal civilian agenc...

[Show more]

Preview 4 out of 39  pages

  • August 25, 2024
  • 39
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CSIA
  • CSIA
avatar-seller
TheeGrades
CSIA 310 Week 1 Incident Handling
Questions & Answers 100% Verified
FISMA - Correct Answer-The Federal Information Security Management Act

(FISMA) requires


Federal agencies to establish incident response capabilities


Point of contact requirement - Correct Answer-Each Federal civilian agency must

designate a


primary and secondary point of contact (POC) with US-CERT and report all

incidents consistent


with the agency's incident response policy.


US-CERT - Correct Answer-United States Computer Emergency Readiness Team


Establishing an incident response capability actions - Correct Answer-Creating an

incident


response policy and plan


Developing procedures for performing incident handling and reporting


Setting guidelines for communicating with outside parties regarding incidents


Selecting a team structure and staffing model

, CSIA 310 Week 1 Incident Handling
Questions & Answers 100% Verified
Establishing relationships and lines of communication between the incident

response team and


other groups, both internal (e.g., legal department) and external (e.g., law

enforcement agencies)


Determining what services the incident response team should provide 1


Staffing and training the incident response team.


Reducing incidents - Correct Answer-Organizations should reduce the frequency

of incidents by


effectively securing networks, systems,


and applications.


Document interactions - Correct Answer-Organizations should document their

guidelines for


interactions with other organizations regarding incidents.


Prepardness - Correct Answer-Organizations should be generally prepared to

handle any incident

, CSIA 310 Week 1 Incident Handling
Questions & Answers 100% Verified
but should focus on being prepared to handle incidents that use common attack

vectors.


Attack Vectors - Correct Answer-External/Removable Media: An attack executed

from


removable media (e.g., flash drive, CD) or a peripheral device.


Attrition: An attack that employs brute force methods to compromise, degrade,

or destroy


systems, networks, or services.


Web: An attack executed from a website or web-based application.


Email: An attack executed via an email message or attachment.


Improper Usage: Any incident resulting from violation of an organization's

acceptable usage


policies by an authorized user, excluding the above categories.


Loss or Theft of Equipment: The loss or theft of a computing device or media

used by the

, CSIA 310 Week 1 Incident Handling
Questions & Answers 100% Verified
organization, such as a laptop or smartphone.


Other: An attack that does not fit into any of the other categories.


detection - Correct Answer-Organizations should emphasize the importance of

incident detection


and analysis throughout the organization.Automation is needed to perform an

initial analysis of


the data and select events of interest for human review. Event correlation

software can be of


great value in automating the analysis process.


prioritize - Correct Answer-Organizations should create written guidelines for

prioritizing


incidents.


Lessons learned - Correct Answer-Organizations should use the lessons learned

process to gain


value from incidents.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller TheeGrades. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $15.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

79373 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$15.49
  • (0)
  Add to cart