Question

The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and server. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?

1. Install a NIDS device at the boundary.
2. Segment the network with firewalls.
3. Update all antivirus signatures daily.
4. Implement application blacklisting.

______________________________________________________________________________________________

An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

1. It allows for the sharing of digital forensics data across organizations.
2. It provides insurance in case of a data breach.
3. It provides complimentary training and certification resources to IT security staff.
4. It certifies the organization can work with foreign entities that require a security clearance.

5. It assures customers that the organization meets security standards.

____________________________________________________________________________________-

An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance’s vulnerable state?

1. The system was configured with weak default security settings.
2. The device uses weak encryption ciphers.
3. The vendor has not supplied a patch for the appliance.
4. The appliance requires administrative credentials for the assessment.

Answer 1

Ans 1 NIDS is the best method to secure the network in future.

Network-based intrusion detection systems (NIDS) are devices intelligently distributed within networks that passively inspect traffic traversing the devices on which they sit. NIDS can be hardware or software-based systems and, depending on the manufacturer of the system, can attach to various network mediums such as Ethernet, FDDI, and others.

Ans. 2 ISO 27001 certification It assures customers that the organization meets security standards.because it provide many benifts to the customer as well as orgnization

• Increased reliability and security of systems and information
• Improved customer and business partner confidence
• Increased business resilience
• Alignment with customer requirements
• Improved management processes and integration with corporate risk strategies Ans 3
• An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments because the vendor has not supplied a patch for the appliance. That's why the auditor not able to solved out the problem