Which of the following is an incident tracking, reporting and handling tool:

1. A. CRAMM
2. B. RTIR
3. C. NETSTAT
4. D. EAR/ Pilar

Correct Answer: B

What is the best staffing model for an incident response team if current employees’ expertise is very low?

1. A. Fully outsourced
2. B. Partially outsourced
3. C. Fully insourced
4. D. All the above

Correct Answer: A

A computer Risk Policy is a set of ideas to be implemented to overcome the risk associated with computer security incidents. Identify the procedure that is NOT part of the computer risk policy?

1. A. Procedure to identify security funds to hedge risk
2. B. Procedure to monitor the efficiency of security controls
3. C. Procedure for the ongoing training of employees authorized to access the system
4. D. Provisions for continuing support if there is an interruption in the system or if the system crashes

Correct Answer: C

In the Control Analysis stage of the NIST’s risk assessment methodology, technical and none technical control methods are classified into two categories. What are these two control categories?

1. A. Preventive and Detective controls
2. B. Detective and Disguised controls
3. C. Predictive and Detective controls
4. D. Preventive and predictive controls

Correct Answer: A

In a qualitative risk analysis, risk is calculated in terms of:

1. A. (Attack Success + Criticality ) –(Countermeasures)
2. B. Asset criticality assessment – (Risks and Associated Risk Levels)
3. C. Probability of Loss X Loss
4. D. (Countermeasures + Magnitude of Impact) – (Reports from prior risk assessments)

Correct Answer: C