• Question 16 Which organizational committee ensures that an external service provider is meeting the service level agreement( SLA) in the contract?
• Question 17 ___________ is / are key to security policy enforcement.
• Question 18 In a large organization, what is the name of the entity that reviews technology activity and provides approvals before a project or activity can proceed to the next stage?
• Question 19 When monitoring an employee ' s Internet use, which of the following can potentially violate an employee ' s rights?
• Question 20 What is the name of a common control that is used across a significant population of systems, applications, and operations?
• Question 21 Which of the following is a manual control for enforcing security policies? Before an incident can be declared, the IRT must develop an incident ________ for incident response.
• Question 22 During which phase of incident response do IRT members study the attack and develop recommendations to prevent similar attacks in the future?
• Question 23 During which phase of incident response do IRT members recover from the attack and resume operations?
• Question 24 During which phase of incident response do IRT members stop the attack and gather evidence?
• Question 25 During which phase of incident response do IRT members stop the attack and gather evidence?
• Question 26 Triage is performed during which phase of incident response?
• Question 27 According to the Payment Card Industry Data Security Standard( PCI DSS), what is classified as an incident?
• Question 28 When analyzing an IT incident, which of the following is not something you need to identify?
• Question 29 When reporting an incident, the IRT team must first classify the _________ of the incident
• Question 30 A System Use Notification standard describes the onscreen display of system notification messages, such as a legal notice that the user is accessing a protected system. With which IT domain is this standard primarily associated?