Cissp Practice Questions Exam Questions (180 Terms) With Verified Definitions Updated 2024

What network-attached device monitors the network and automatically takes action to mitigate the effects of an incident when malicious activity is detected? (7.2) A. Hub B. IDS C. Concentrator D. IPS {Ans: The correct answer is D. The intrusion detection system (IDS; choice B) works in a similar way to the intrusion prevention system (IPS): both monitor, log and send an alert, but the IDS will not take further action. Hubs (choice A) and concentrators (choice C) have no role in intrusion detection.}NIST SP 800-137 provides a six-phase framework for implementing an information security continuous monitoring (ISCM) strategy. Which is the correct order? (7.2) A. Establish, define, implement, respond, analyze and report, review and update B. Define, establish, implement, respond, analyze and report, review and update C. Define, establish, implement, analyze and report, respond, review and update D. Define, implement, establish, analyze and report, respond, review and update {Ans: The correct answer is C. Define the organization's security strategy. Establish a program. Implement said program. Analyze any data collected and report the findings. Respond based on the findings. Then continuously review and update the strategy.}Which of the following objectives should be included in a code review that is