Question 26
A regulated organization experienced a security breach that exposed a list of customer names with corresponding PH dat a. Which of the following is the best reason for developing the organization's communication plans?
Question 27
The management team requests monthly KPI reports on the company's cybersecurity program. Which of the following KPIs would identify how long a security threat goes unnoticed in the environment?
Question 28
Which of the following describes a contract that is used to define the various levels of maintenance to be provided by an external business vendor in a secure environment?
Question 29
A cybersecurity analyst is recording the following details
* ID
* Name
* Description
* Classification of information
* Responsible party
In which of the following documents is the analyst recording this information?
Question 30
An analyst finds that an IP address outside of the company network that is being used to run network and vulnerability scans across external-facing assets. Which of the following steps of an attack framework is the analyst witnessing?
