
EMC DES-9131 - Specialist - Infrastructure Security Exam

Total 60 questions

You have been tasked with documenting mission critical procedures of an organization that need to be sustained through a significant disruption.

What document would you develop?

A. Business Continuity Plan
B. Business Impact Assessment
C. Risk Analysis Report
D. Regression Test Plan

What must be included in the CMDB?

A. Inventory of uninstalled software
B. Software End User Licensing Agreements
C. Dependencies of installed components
D. Known vulnerabilities of installed software

What are the five functions of the NIST Framework Core?

A. Identify, Protect, Detect, Respond, and Recover
B. Governance, Identify, Recover, Respond, and Recover
C. Protect, Detect, Respond, Governance, and Recover
D. Identify, Respond, Protect, Detect, and Governance

Which category addresses the detection of unauthorized code in software?

A. PR.DS
B. DE.DP
C. PR.AT
D. DE.CM

What is a consideration when performing data collection in Information Security Continuous Monitoring?

A. Data collection efficiency is increased through automation.
B. The more data collected, the better chances to catch an anomaly.
C. Collection is used only for compliance requirements.
D. Data is best captured as it traverses the network.

What database is used to record and manage assets?

A. Configuration Management Database
B. Asset Inventory Management Database
C. High Availability Mirrored Database
D. Patch Management Inventory Database

In accordance with PR.MA, an organization has just truncated all log files that are more than 12 months old.

This has freed up 25 TB per logging server.

What must be updated once the truncation is verified?

A. SDLC
B. IRP
C. Baseline
D. ISCM

Which NIST Cybersecurity Framework function should be executed before any others?

A. Respond
B. Protect
C. Recover
D. Identify

The network security team in your company has discovered a threat that leaked partial data on a compromised file server that handles sensitive information. Containment must be initiated and addressed by the CSIRT.

Service disruption is not a concern because this server is used only to store files and does not hold any critical workload. Your company security policy requires that all forensic information must be preserved.

Which actions should you take to stop data leakage and comply with requirements of the company security policy?

A. Disconnect the file server from the network to stop data leakage and keep it powered on for further analysis.
B. Shut down the server to stop the data leakage and power it up only for further forensic analysis.
C. Restart the server to purge all malicious connections and keep it powered on for further analysis.
D. Create a firewall rule to block all external connections for this file server and keep it powered on for further analysis.

Which document provides an implementation plan to recover business functions and processes during and after an event?

A. Business Continuity Plan
B. Disaster Recovery Plan
C. Risk Assessment Strategy
D. Business Impact Analysis