CIS 462 Final Exam (2 Set) CIS 462 Final Exam (2 Set) | Page 8

• Question 22 During which phase of incident response do IRT members study the attack and
develop recommendations to prevent similar attacks in the future?
• Question 23 During which phase of incident response do IRT members recover from the
attack and resume operations?
• Question 24 During which phase of incident response do IRT members stop the attack and
gather evidence?
• Question 25 During which phase of incident response do IRT members stop the attack and
gather evidence?
• Question 26 Triage is performed during which phase of incident response?
• Question 27 According to the Payment Card Industry Data Security Standard (PCI DSS), what is
classified as an incident?
• Question 28 When analyzing an IT incident, which of the following is not something you need
to identify?
• Question 29 When reporting an incident, the IRT team must first classify the _________ of the
incident
• Question 30 A System Use Notification standard describes the on-screen display of system
notification messages, such as a legal notice that the user is accessing a protected system. With
which IT domain is this standard primarily associated?
• Question 31 A LAN Domain policy would include guidelines for which of the following?
• Question 32 A Separation of Environments standard establishes the need to separate the
development environment from the production environment. With which IT domain is this
standard primarily associated?
• Question 33 A User Internet Proxy standard and a Content-Blocking Tools Configuration
standard would be associated primarily with which IT domain?
• Question 34 Baseline standards for the LAN Domain would include ____________.
• Question 35 Which of the following documents describes core control requirements for
framework policies?
• Question 36 A PKI uses public and private ______ for the secure exchange of information.