FedVTE Cyber Risk Management for Technicians questions and answers well illustrated.

FedVTE Cyber Risk Management for Technicians questions and answers well illustrated. In order to automate host characteristic monitoring you can compare baselines and snapshots with syslog. - correct answers.False The following should be taken into account when accepting the residual risk inherent in the project. - correct answers.All of the above What is the high water mark for an information system? - correct answers.Highest Potential Impact value assigned to each Security Objective (AIC) for all Security Categories resident on the system and the overall classification of the system. Which of the following describes NetScan Tools Pro? - correct answers.B. A powerful command line packet analyzer C. A tool that provides advanced network trace routing D. A collection of Internet information gathering and network troubleshooting utilities FIPS 200 is: - correct answers.A short document that describes the minimum security requirements for information and information systems Which risk comes from a failure of the controls to properly mitigate risk? - correct answers.A. Inherent risk C. Control Risk D. All of the above Open Source Security (OSSEC) is what? - correct answers.A host based security system that monitors for changes What tool would be best to automatically detect your network and construct a complete and easy to view network map? - correct answers.LANsurveyor Which NIST special publication is a guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach? - correct answers.NIST SP 800 37 Which of the following is a part of the Examine Method? - correct answers.Inspecting the physical security measures If the cost of controls exceeds the benefit the organization may choose to accept the risk instead. - correct answers.True Which of the following families of controls belongs to the technical class of controls? - correct answers.Identification and Authentication Which tier of Risk Management is associated with Enterprise Architecture? - correct answers.Tier 2 Mission (Business Process) In NIST SP 800 53 the security control structure consists of all the following components except for: - correct answers.All of these are in the security control structure: - Priority and baseline allocation - Supplemental guidance - Control enhancements Kismet is different from a normal network sniffer such as Wireshark or tcpdump because it separates and identifies different wireless networks in the area. - correct answers.True What is the order of the Change Control Process? - correct answers.A. Request : Approval : Build : Impact Assessment : If successful Implement B. Request : Impact Assessment : Approval : Build and or Test : Implement D. Request : Impact Assessment : Build and or Test : Approval : Implement The threat source is highly motivated and sufficiently capable and controls to prevent the vulnerability from being exercised are ineffective. Which likelihood rating does this describe? - correct answers.High