- (Exam Topic 4)
The goals of SIEM solution implementation include all of the following, except:
Correct Answer:
B
SIEM does not intend to provide any enhancement of performance; in fact, a SIEM solution may decrease performance because of additional overhead. All the rest are goals of SIEM implementations.
- (Exam Topic 4)
Just like the risk management process, the BCDR planning process has a defined sequence of steps and processes to follow to ensure the production of a comprehensive and successful plan.
Which of the following is the correct sequence of steps for a BCDR plan?
Correct Answer:
A
The correct sequence for a BCDR plan is to define the scope, gather requirements based on the scope, assess overall risk, and implement the plan. The other sequences provided are not in the correct order.
- (Exam Topic 2)
Which approach is typically the most efficient method to use for data discovery?
Correct Answer:
A
Metadata is data about data. It contains information about the type of data, how it is stored and organized, or information about its creation and use.
- (Exam Topic 2)
Which of the following is NOT an application or utility to apply and enforce baselines on a system?
Correct Answer:
B
GitHub is an application for code collaboration, including versioning and branching of code trees. It is not used for applying or maintaining system configurations.
- (Exam Topic 4)
Which of the following components are part of what a CCSP should review when looking at contracting with a cloud service provider?
Correct Answer:
D
The use of subcontractors can add risk to the supply chain and should be considered; trusting the provider’s management of their vendors and suppliers (including subcontractors) is important to trusting the provider. Conversely, the customer is not likely to be allowed to review the physical design of the datacenter (or, indeed, even know the exact location of the datacenter) or the personnel security specifics for the provider’s staff. “Redundant uplink grafts” is a nonsense term used as a distractor.
