An organization has a policy to respond “ASAP” to security incidents. The security team is having a difficult time prioritizing events because they are responding to all of them, in order of receipt.
Which part of the IRP does the team need to implement or update?
Assume that a DDoS attack has been occurring for 72 minutes. What determines who talks to external stakeholders?
What is the primary objective of establishing governance and risk management processes for an organization?
A company implemented an intrusion detection system. They notice the system generates a very large number of false alarms.
What steps should the company take to rectify this situation?