Online Access Free D-CSF-SC-23 Practice Test

Which category addresses the detection of unauthorized code in software?

• A.PR.DS
• B.PR.AT
• C.DE.DP
• D.DE.CM

An IT security engineer grants an auditor access to a conference room and provides temporary wireless access to them to conduct an analysis for the company's annual financial report.
Which category addresses the ability to prevent access to the Internet while being able to browse a designated set of folders on the LAN?

• A.PR.IP
• B.RC.CO
• C.PR.AC
• D.ID.AM

Your organization has been breached. The attacker has sent an email demanding $100,000 in cryptocurrency in exchange for not dumping all your customer information onto the dark web. Following the RACI Matrix model outlined in your IRP, you have informed all parties, contained the breach, and eradicated the threat.
What needs to be done next?

• A.Performs forensics
• B.Update response strategies
• C.Categorize incidents consistent with Response Plan
• D.Investigate notifications from detection systems

What should be inventoried within an organization using an asset inventory software application?

• A.Data, personas, identities, and CMDB
• B.Data, devices, software, and audit logs
• C.Data, devices, identities, and software
• D.Data, profiles, software, and system logs

During what activity does an organization identify and prioritize technical, organizational, procedural, administrative, and physical security weaknesses?

• A.Vulnerability assessment
• B.Table top exercise
• C.White box testing
• D.Penetration testing