Your company did not know its internal customer and financial databases were compromised until the attacker published sensitive portions of the database on several popular attacker websites. The company was unable to determine when, how, or who conducted the attacks but rebuilt, restored, and updated the compromised database server to continue operations. What is MOST likely the cause for the company's inability to determine what really occurred?

A. too many layers of protection between the Internet and internal network
B. lack of a defined security auditing process
C. poor intrusion detection system placement and maintenance
D. insufficient logging and mechanisms for review


D
Explanation: The most likely cause for the company's inability to determine what really occurred is insufficient logging and mechanisms for review.
None of the other options is the most likely cause for the company's inability to determine what really occurred. The number of layers of protection should increase the likelihood that you can determine what really occurred. A defined security auditing process is important but only helps if proper logging and review mechanisms are in place. An intrusion detection system will detect incidents as they occur.
