Revision Questions
- A security manager discovered an attempted SQL injection attack on an application. However, they could not determine whether it was successful. Who is in the best position to assess the possible impact of the attack?
- The application support team
- The incident response team
- The business process owner
- The network security team
- What is the most important advantage of implementing a systematic and methodological incident management program?
- It reduces the cost of incident management
- It makes incident management more flexible
- It helps the responder gain experience
- It provides evidence of due diligence to support legal and liability claims
- Once a virus incident has been resolved, the security manager will be most interested in knowing the:
- Configuration of the anti-malware software
- Other organizations impacted by the same virus
- Path of the virus's entry
- Author of the virus
- What is the objective of reviewing the observations of staff involved in a disaster recovery...