
Question

What does a security analyst’s work involve during the CSF recover function? (1 point)

  - Protect an organization through the implementation of employee training
  - Return affected systems back to normal operation
  - Contain, neutralize, and analyze security incidents
  - Pinpoint threats and improve monitoring capabilities

Solution

A security analyst's work during the Cybersecurity Framework (CSF) recover function primarily involves returning affected systems back to normal operation. This is done after a cybersecurity incident has occurred. The recover function supports timely recovery to normal operations to reduce the impact of a cybersecurity event.

Here are the steps a security analyst might take:

  1. Identify the Issue: The first step is to identify the security incident that has occurred. This could be a data breach, a malware attack, or any other type of cybersecurity incident.

  2. Analyze the Incident: The security analyst will then analyze the incident to understand its scope and impact. This could involve determining which systems were affected, what data was compromised, and how the incident occurred.

  3. Plan the Recovery: Based on the analysis, the security analyst will develop a plan to recover the affected systems. This could involve removing the threat (such as malware), restoring lost data from backups, and fixing any vulnerabilities that were exploited.

  4. Implement the Recovery Plan: The security analyst will then implement the recovery plan. This could involve working with other IT staff to carry out technical tasks, or coordinating with other departments to ensure a smooth recovery.

  5. Monitor the Systems: After the recovery, the security analyst will continue to monitor the systems to ensure that they are functioning normally and that no further incidents occur.

  6. Learn from the Incident: Finally, the security analyst will learn from the incident. This could involve updating the organization's cybersecurity policies, improving employee training, or implementing new security measures to prevent similar incidents in the future.


Similar Questions

A security analyst documents procedures to be followed in the event of a security breach. They also establish staffing plans and educate employees. What phase of an incident response playbook does this scenario describe? (1 point)

  - Preparation
  - Eradication and recovery
  - Detection and analysis
  - Coordination

Question 7: A security analyst wants to set the foundation for successful incident response. They outline roles and responsibilities of each security team member. What phase of an incident response playbook does this scenario describe? (1 point)

  - Preparation
  - Containment
  - Detection and analysis
  - Post-incident activit

Fill in the blank: The CSF _____ function relates to monitoring systems and devices in an organization’s internal network to help security teams manage potential cybersecurity risks and their effects. (1 point)

  - respond
  - recover
  - identify
  - protect

Fill in the blank: During the _____ phase, security teams may conduct a full-scale analysis to determine the root cause of an incident and use what they learn to improve the company’s overall security posture. (1 point)

  - eradication and recovery
  - detection and analysis
  - post-incident activity
  - containment

Question 5: Which of the following statements accurately describe the CSF? Select all that apply. (1 point)

  - Investigating an incident to determine how the threat occurred, what was affected, and where the attack originated is part of the respond function of the CSF.
  - The detect function of the CSF involves making sure proper procedures are used to contain, neutralize, and analyze security incidents.
  - The protect function of the CSF involves implementing policies, procedures, training, and tools to mitigate threats.
  - The CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.

Question 6: A security team establishes controls, including permission settings that will be used to create multiple security points that a threat actor must get through to breach their organization. Which OWASP principle does this scenario describe? (1 point)

  - Defense in depth
  - Separation of duties
  - Keep security simple
  - Principle of least privilege

Question 7: What are some of the primary objectives of an internal security audit? Select three answers. (1 point)

  - Help security teams identify organizational risk
  - Avoid fines due to a lack of compliance
  - Develop a guiding security statement for the business
  - Improve security posture

Question 8: Fill in the blank: The planning elements of an internal security audit include establishing scope and _____, then conducting a risk assessment. (1 point)

  - controls
  - limitations
  - compliance
  - goals

Question 9: A security analyst performs an internal security audit. They focus on the human component of cybersecurity, such as the policies and procedures that define how their company manages data. What are they working to establish? (1 point)

  - Compliance controls
  - Physical controls
  - Technical controls
  - Administrative controls

Question 10: What information is typically communicated to stakeholders after completion of an internal security audit? Select three answers. (1 point)

  - A summary of the scope
  - Questions about specific controls
  - A list of existing risks
  - Results and recommendations
