A(n) ____________________ chart often is used to illustrate changes in data over time.

At what level of the CMM model are processes capable of being improved?

A. The optimizing level B. The initial level C. The defined level D. The repeatable level

What is recursive ease?

a. A subproblem large enough to solve recursively b. Ease of conversion to divide and conquer c. Process of converting to iterative algorithm d. Ease of implementing a data structure recursively

A(n) ____________________ model excludes users from access to resources, by default, and then adds whatever users need access to such resources as exceptions to the general exclusionary rule.

Fill in the blank(s) with the appropriate word(s).

Unauthorized Access to Payroll Records

Study the following scenario. Discuss and determine the incident response handling questions that should be asked at each stage of the incident response process. Consider the details of the organization and the CSIRC when formulating your questions. This scenario is about a mid-sized hospital with multiple satellite offices and medical services. The orga- nization has dozens of locations employing more than 5000 employees. Because of the size of the orga- nization, they have adopted a CSIRC model with distributed incident response teams. They also have a coordinating team that watches over the CSIRTs and helps them to communicate with each other. On a Wednesday evening, the organization’s physical security team receives a call from a payroll administrator who saw an unknown person leave her office, run down the hallway, and exit the build- ing. The administrator had left her workstation unlocked and unattended for only a few minutes. The payroll program is still logged in and on the main menu, as it was when she left it, but the administra- tor notices that the mouse appears to have been moved. The incident response team has been asked to acquire evidence related to the incident and to determine what actions were performed. The security teams practice the kill chain model and they understand how to use the VERIS database. For an extra layer of protection, they have partially outsourced staffing to an MSSP for 24/7 monitoring.