Which of the following terms may be defined as “a measure of possible inability to achieve a goal, objective, or target within a defined security, cost plan and technical limitations that adversely affects the organization’s operation and revenues?
Correct Answer:A
An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization’s incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would you categorize such information security incident?
Correct Answer:A
The largest number of cyber-attacks are conducted by:
Correct Answer:B
To recover, analyze, and preserve computer and related materials in such a way that it can be presented as evidence in a court of law and identify the evidence in short time, estimate the potential impact of the malicious activity on the victim, and assess the intent and identity of the perpetrator is known as:
Correct Answer:B
In a qualitative risk analysis, risk is calculated in terms of:
Correct Answer:C
What is the best staffing model for an incident response team if current employees’ expertise is very low?
Correct Answer:A