The newly appointed CISO of an organization is reviewing the IT security strategic plan. Which of the following is the MOST important component of the strategic plan?
Simon had all his systems administrators implement hardware and software firewalls to ensure network
security. They implemented IDS/IPS systems throughout the network to check for and stop any unauthorized
traffic that may attempt to enter. Although Simon and his administrators believed they were secure, a hacker
group was able to get into the network and modify files hosted on the company's website. After searching
through the firewall and server logs, no one could find how the attackers were able to get in. He decides that
the entire network needs to be monitored for critical and essential file changes. This monitoring tool alerts
administrators when a critical file is altered. What tool could Simon and his administrators implement to
accomplish this?
Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior level security practitioner. The company lacks a defined security policy and framework for their Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector neutral information security control framework for implementation.
Your Corporate Information Security Policy should include which of the following?
Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
Your defenses did not hold up to the test as originally thought. As you investigate how the data was compromised through log analysis you discover that a hardworking, but misguided business intelligence analyst posted the data to an obfuscated URL on a popular cloud storage service so they could work on it from home during their off-time. Which technology or solution could you deploy to prevent employees from removing corporate data from your network? Choose the BEST answer.
Copyright © 2021-2025 CertsTopics. All Rights Reserved
