FEDVTE CYBER RISK MANAGEMENT FOR TECHNICIANS QUESTIONS WITH CORRECT ANSWERS

In order to automate host characteristic monitoring you can compare baselines and snapshots with syslog. CORRECT ANSWER False The following should be taken into account when accepting the residual risk inherent in the project. CORRECT ANSWER All of the above What is the high water mark for an information system? CORRECT ANSWER Highest Potential Impact value assigned to each Security Objective (AIC) for all Security Categories resident on the system and the overall classification of the system. Which of the following describes NetScan Tools Pro? CORRECT ANSWER B. A powerful command line packet analyzer C. A tool that provides advanced network trace routing D. A collection of Internet information gathering and network troubleshooting utilities FIPS 200 is: CORRECT ANSWER A short document that describes the minimum security requirements for information and information systems Which risk comes from a failure of the controls to properly mitigate risk? CORRECT ANSWER A. Inherent risk C. Control Risk D. All of the above Open Source Security (OSSEC) is what? CORRECT ANSWER A host based security system that monitors for changes What tool would be best to automatically detect your network and construct a complete and easy to view network map? CORRECT ANSWER LANsurveyor Which NIST special publication is a guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach? CORRECT ANSWER NIST SP 800 37 Which of the following is a part of the Examine Method? CORRECT ANSWER Inspecting the physical security measures