Chapter 7 ■ Security Operations (Domain 7) 161
C. Two-person control
D. Transitive trust- Which one of the following is not a basic preventative measure that you can take to protect
your systems and applications against attack?
A. Implement intrusion detection and prevention systems.
B. Maintain current patch levels on all operating systems and applications.
C. Remove unnecessary accounts and services.
D. Conduct forensic imaging of all systems. - Tim is a forensic analyst who is attempting to retrieve information from a hard drive. It
appears that the user attempted to erase the data, and Tim is trying to reconstruct it. What
type of forensic analysis is Tim performing?
A. Software analysis
B. Media analysis
C. Embedded device analysis
D. Network analysis - Which one of the following is an example of a computer security incident?
A. Completion of a backup schedule
B. System access recorded in a log
C. Unauthorized vulnerability scan of a file server
D. Update of antivirus signatures- Which one of the following technologies would provide the most automation of an inven-
tory control process in a cost-effective manner?
A. IPS
B. WiFi
C. RFID
D. Ethernet - Connor’s company recently experienced a denial of service attack that Connor believes
came from an inside source. If true, what type of event has the company experienced?
A. Espionage
B. Confidentiality breach
C. Sabotage
D. Integrity breach