ISC CISSP Practice Test - Questions Answers, Page 60

List of questions
Question 591

Who is accountable for the information within an Information System (IS)?
Question 592

It is MOST important to perform which of the following to minimize potential impact when implementing a new vulnerability scanning tool in a production environment?
Question 593

A Security Operations Center (SOC) receives an incident response notification on a server with an active intruder who has planted a backdoor. Initial notifications are sent and communications are established.
What MUST be considered or evaluated before performing the next step?
Question 594

Due to system constraints, a group of system administrators must share a high-level access set of credentials.
Which of the following would be MOST appropriate to implement?
Question 595

Which of the following is the MOST efficient mechanism to account for all staff during a speedy nonemergency evacuation from a large security facility?
Question 596

What does electronic vaulting accomplish?
Question 597

Who would be the BEST person to approve an organization's information security policy?
Question 598

A security analyst for a large financial institution is reviewing network traffic related to an incident.
The analyst determines the traffic is irrelevant to the investigation but, in the process of the review, the analyst also finds that an application's data, which included full credit card cardholder data, is transferred in clear text between the server and user's desktop. The analyst knows this violates the Payment Card Industry Data Security Standard (PCI-DSS). Which of the following is the analyst's next step?
Question 599

An Information Technology (IT) professional attends a cybersecurity seminar on current incident response methodologies.
What code of ethics canon is being observed?
Question 600

An organization adopts a new firewall hardening standard. How can the security professional verify that the technical staff correctly implemented the new standard?