A security analyst notices anomalous activity coming from several workstations in the organizations. Upon identifying and containing the issue, which of the following should the security analyst do NEXT?
A. Document and lock the workstations in a secure area to establish chain of custody
B. Notify the IT department that the workstations are to be reimaged and the data restored for reuse
C. Notify the IT department that the workstations may be reconnected to the network for the users to continue working
D. Document findings and processes in the after-action and lessons learned report
Answer: D. Document findings and processes in the after-action and lessons learned report
You might also like to view...
Repeat Exercises 27.22 to 27.28 but produce a schema using the functional data model. Diagramatically illustrate each schema.
(a) Hotel case study. (b) University Accommodation Office case study
State whether each of the following is true or false. If false, explain why.
1) JavaScript operators are evaluated from left to right. 2) The following are all valid variable names: _under_bar_, m928134, t5, j7, her_sales$, his_$account_total, a, b$, c, z, z2. 3) A valid JavaScript arithmetic expression with no parentheses is evaluated from left to right. 4) The following are all invalid variable names: 3g, 87, 67h2, h22, 2h.
You can read and compose e-mail without actually receiving or sending e-mail when working ________
Fill in the blank(s) with correct word
____ is used to establish and maintain security for RAS, Internet, and VPN dial-in access, and can be employed with RADIUS.
A. IAS B. IIS C. ISA D. ILM