File Integrity Monitoring (FIM) is considered a
As the Chief Information Security Officer, you are performing an assessment of security posture to understand
what your Defense-in-Depth capabilities are. Which network security technology examines network traffic flows
to detect and actively stop vulnerability exploits and attacks?
Which of the following provides an independent assessment of a vendor’s internal security controls and overall posture?
SCENARIO: Critical servers show signs of erratic behavior within your organization’s intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.
In what phase of the response will the team extract information from the affected systems without altering original data?