Free EMC D-CSF-SC-23 Exam Dumps Questions & Answers

A company has just acquired an intrusion detection system (IDS) whose detection capabilities are based on behavior and baselines. The IDS has not been in production long enough to establish baselines or to understand what constitutes normal activity.
This lack prevents the CSIRT from making what determination regarding a breach?

• A.CVE
• B.Duration
• C.NVD
• D.Impact

You have been tasked with documenting mission critical procedures of an organization that need to be sustained through a significant disruption.
What document would you develop?

• A.Business Impact Assessment
• B.Business Continuity Plan
• C.Risk Analysis Report
• D.Regression Test Plan

What procedure is designed to enable security personnel to detect, analyze, contain, eradicate, respond, and recover from malicious computer incidents such as unauthorized changes to system hardware, software, or data?

• A.Disaster Recovery Plan
• B.Crisis Communication Plan
• C.Incident Response Plan
• D.Emergency Analysis Plan

What determines the technical controls used to restrict access to USB devices and help prevent their use within a company?

• A.Acceptable use policy in the employee HR on-boarding training
• B.Block use of the USB devices for all employees
• C.Detect use of the USB devices and report users
• D.Written security policy prohibiting the use of the USB devices

When should event analysis be performed?

• A.Routinely for all events collected on a mission critical system
• B.Only at the discretion of an authorized security analyst
• C.After an event is triggered by the detection system
• D.Only when requested by an auditor