DES-9131 Specialist - Infrastructure Security Exam Question and Answers

Which NIST Cybersecurity Framework function should be executed before any others?

A continuously updated CMDB is an output of which NIST function and category?

What contains a predefined set of efforts that describes an organization’s mission/business critical processes, and defines how they will be sustained during and after a significant disruption?

The network security team in your company has discovered a threat that leaked partial data on a compromised file server that handles sensitive information. Containment must be initiated and addresses by the CSIRT.

Service disruption is not a concern because this server is used only to store files and does not hold any critical workload. Your company security policy required that all forensic information must be preserved.

Which actions should you take to stop data leakage and comply with requirements of the company security policy?

The CSIRT team is following the existing recovery plans on non-production systems in a PRE-BREACH

scenario. This action is being executed in which function?

What defines who is accountable for contacting operational teams, managers, and others affected by a

localized, safety critical event?