Free DES-9131 Exam Braindumps (page: 6)


The CSIRT team is following the existing recovery plans on non-production systems in a PRE-BREACH scenario. This action is being executed in which function?

  A. Protect
  B. Recover
  C. Identify
  D. Respond

Answer(s): A



What is a consideration when performing data collection in Information Security Continuous Monitoring?

  A. Data collection efficiency is increased through automation.
  B. The more data collected, the better chances to catch an anomaly.
  C. Collection is used only for compliance requirements.
  D. Data is best captured as it traverses the network.

Answer(s): A



An organization has a policy to respond “ASAP” to security incidents. The security team is having a difficult time prioritizing events because they are responding to all of them, in order of receipt. Which part of the IRP does the team need to implement or update?

  A. Scheduling of incident responses
  B. ‘Post mortem’ documentation
  C. Classification of incidents
  D. Containment of incidents

Answer(s): C



Your firewall blocked several machines on your network from connecting to a malicious IP address. After reviewing the logs, the CSIRT discovers all Microsoft Windows machines on the network have been affected based on a newly published CVE.

Based on the IRP, what should be done immediately?

  A. Update the asset inventory
  B. Contain the breach
  C. Eradicate the breach
  D. Revise the IRP

Answer(s): A





