Practice Test Questions

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Carolyn is working with her team to develop her organization's disaster recovery plan. What stage of the planning process provides the information necessary to prioritize recovery efforts by service? A. Business Impact Assessment B. Design C. Implementation D. Preparation Correct Answer: A The business impact assessment (BIA) stage of the disaster recovery planning process assesses services used by the organization and prioritizes their recovery based upon their potential impact on the business. The rest of the options are incorrect.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. What is the purpose of STIX? A. To provide a set of services to enable sharing of threat intelligence B. To represent threat information in a standardized manner C. Offer a standardized schema for the specification and communication of system and network events D. Provide an API for security platform integration Correct Answer: B TAXII provides a set of services to enable sharing of threat intelligence. So that is not the correct answer. STIX is a collaborative effort to develop a standardized, structured language to represent cyber threat information. The STIX framework intends to convey the full range of potential cyber threat data elements and strives to be as expressive, flexible, extensible, automatable, and human-readable as possible. This is the correct answer. CEE, or the common event expression, offers a standardized schema for the specification and communication of system and network events. So, this is not the correct answer. And STIX does not provide an API for security platform integration. So that is not the correct answer either.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Which one of the following groups is not normally part of an organization's cybersecurity incident response team? A. Technical Subject Matter Experts B. Cybersecurity Experts C. Management D. Law Enforcement Correct Answer: D The incident response team normally includes a wide range of internal experts, including those from cybersecurity and other technical disciplines, this also includes management representation. The team however, would not normally include outside organizations, such as representatives of law enforcement, although it may interact with those groups through a liaison function.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...