Incidents such as DDoS that should be handled immediately may be considered as:

1. A. Level One incident
2. B. Level Two incident
3. C. Level Three incident
4. D. Level Four incident

Correct Answer: C

Adam calculated the total cost of a control to protect 10,000 $ worth of data as 20,000 $. What do you advise Adam to do?

1. A. Apply the control
2. B. Not to apply the control
3. C. Use qualitative risk assessment
4. D. Use semi-qualitative risk assessment instead

Correct Answer: B

Incidents are reported in order to:

1. A. Provide stronger protection for systems and data
2. B. Deal properly with legal issues
3. C. Be prepared for handling future incidents
4. D. All the above

Correct Answer: D

US-CERT and Federal civilian agencies use the reporting timeframe criteria in the federal agency reporting categorization. What is the timeframe required to report an incident under the CAT 4 Federal Agency category?

1. A. Weekly
2. B. Within four (4) hours of discovery/detection if the successful attack is still ongoing and agency is unable to successfully mitigate activity
3. C. Within two (2) hours of discovery/detection
4. D. Monthly

Correct Answer: A

Insiders may be:

1. A. Ignorant employees
2. B. Carless administrators
3. C. Disgruntled staff members
4. D. All the above

Correct Answer: D