Multiple Choice
Following a complete outage of the electronic medical record system for more than 18 hours, the hospital's Chief Executive Officer (CEO) has requested that the Chief Information Security Officer (CISO) perform an investigation into the possibility of a disgruntled employee causing the outage maliciously. To begin the investigation, the CISO pulls all event logs and device configurations from the time of the outage. The CISO immediately notices the configuration of a top-of-rack switch from one day prior to the outage does not match the configuration that was in place at the time of the outage. However, none of the event logs show who changed the switch configuration, and seven people have the ability to change it. Because of this, the investigation is inconclusive. Which of the following processes should be implemented to ensure this information is available for future investigations?
A) Asset inventory management
B) Incident response plan
C) Test and evaluation
D) Configuration and change management
Correct Answer:
Verified
Correct Answer:
Verified
Q5: After the departure of a developer under
Q6: A security architect is implementing security measures
Q7: An analyst is investigating behavior on a
Q8: A company's security policy states any remote
Q9: A company recently implemented a new cloud
Q11: Staff members are reporting an unusual number
Q12: During a security event investigation, a junior
Q13: A security analyst works for a defense
Q14: Due to a recent breach, the Chief
Q15: A company is acquiring incident response and