In: Computer Science
A cyber security analyst with an international response team is working to isolate a worldwide distribution of ransomware. The analyst is working with international governing bodies to distribute advanced intrusion detection routines for this variant of ransomware. Which of the following is the MOST important step with which the security analyst should comply?
A. Security operations privacy law
B. Export restrictions
C. Incident response forms
D. Non-disclosure agreements
-------------------------------------------------------------------------------------------------------------------------------------------------------
A cyber security analyst is reviewing output from a CVE-based vulnerability scanner. Before conducting the scan, the analyst was careful to select only Windows-based servers in a specific datacenter. The scan revealed that the datacenter includes 27 machines running Windows 2003 Server Edition (Win2003SE). In 2015, there were 36 new vulnerabilities discovered in the Win2003SE environment. Which of the following statements are MOST likely applicable? (Choose two.)
A. Microsoft’s published schedule for updates and patches for Win2003SE have continued uninterrupted.
B. Remediation is likely to require some form of compensating control.
C. Third-party vendors have addressed all of the necessary updates and patches required by Win2003SE
D. Remediation of all Win2003SE machines requires changes to configuration settings and compensating controls to be made through Microsoft Security Center’s Win2003SE Advanced Configuration Toolkit
E. The resulting report on the vulnerability scan should include some reference that the scan of the datacenter included 27 Win2003SE machines that should be scheduled for replacement and deactivation.
Please explain your answers. Experts in the cybersecurity field answers only. Please no guessing.
Answer)
1. Here the following the most valid and important step which the
security analyst should be complying with :
C. Incident response forms
Laws are of course to be considered but these come in secondary to the current demand which is to distribute advanced intrusion detection routines. The routines are going to be valid for the IDS systems. Thus sharing the Incident response forms would be going to be the most important step here since we need to counter the variant of ransomware at the earliest.
2. The following is the valid statement which is applicable here:
E. The resulting report on the vulnerability scan should include some reference that the scan of the datacenter included 27 Win2003SE machines that should be scheduled for replacement and deactivation.
Here the security expert has scanned the Windows-based servers and thus revealed the datacenters which have the machines with vulnerabilities in the current operating environment. The vulnerabilities scan report would consist of the configuration setting which are the ones that contain the details on the scans, vulnerabilities, and also machines that need to be upgraded, deactivated and replaced based on their vulnerabilities.
**Please Hit Like if you appreciate my answer. For further doubts on the or answer please drop a comment, I'll be happy to help. Thanks for posting.**