Labour Day Special - 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: c4sdisc65

DES-9131 PDF

$38.5

$109.99

3 Months Free Update

Add to Cart
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions

DES-9131 PDF + Testing Engine

$61.6

$175.99

3 Months Free Update

Add to Cart
  • Exam Name: Specialist - Infrastructure Security Exam
  • Last Update: May 18, 2024
  • Questions and Answers: 60
  • Free Real Questions Demo
  • Recommended by Industry Experts
  • Best Economical Package
  • Immediate Access

DES-9131 Engine

$46.2

$131.99

3 Months Free Update

Add to Cart
  • Best Testing Engine
  • One Click installation
  • Recommended by Teachers
  • Easy to use
  • 3 Modes of Learning
  • State of Art Technology
  • 100% Real Questions included

DES-9131 Practice Exam Questions with Answers Specialist - Infrastructure Security Exam Certification

Question # 6

A continuously updated CMDB is an output of which NIST function and category?

A.

ID.RM

B.

ID.SC

C.

ID.BE

D.

ID.AM

Full Access
Question # 7

The network security team in your company has discovered a threat that leaked partial data on a compromised file server that handles sensitive information. Containment must be initiated and addresses by the CSIRT.

Service disruption is not a concern because this server is used only to store files and does not hold any critical workload. Your company security policy required that all forensic information must be preserved.

Which actions should you take to stop data leakage and comply with requirements of the company security policy?

A.

Disconnect the file server from the network to stop data leakage and keep it powered on for further

analysis.

B.

Shut down the server to stop the data leakage and power it up only for further forensic analysis.

C.

Restart the server to purge all malicious connections and keep it powered on for further analysis.

D.

Create a firewall rule to block all external connections for this file server and keep it powered on for further analysis.

Full Access
Question # 8

A security engineer is responsible for monitoring company software, firmware, system OS, and applications for known vulnerabilities. How should they stay current on exploits and information security?

A.

Implement security awareness training

B.

Update company policies and procedures

C.

Revise vulnerability management plan

D.

Subscribe to security mailing lists

Full Access
Question # 9

What are the five functions of the NIST Framework Core?

A.

Identify, Protect, Detect, Respond, and Recover

B.

Governance, Identify, Recover, Respond, and Recover

C.

Protect, Detect, Respond, Governance, and Recover

D.

Identify, Respond, Protect, Detect, and Governance

Full Access
Question # 10

What should an organization use to effectively mitigate against password sharing to prevent unauthorized

access to systems?

A.

Access through a ticketing system

B.

Frequent password resets

C.

Strong password requirements

D.

Two factor authentication

Full Access
Question # 11

What is a consideration when performing data collection in Information Security Continuous Monitoring?

A.

Data collection efficiency is increased through automation.

B.

The more data collected, the better chances to catch an anomaly.

C.

Collection is used only for compliance requirements.

D.

Data is best captured as it traverses the network.

Full Access
Question # 12

You need to review your current security baseline policy for your company and determine which security

controls need to be applied to the baseline and what changes have occurred since the last update.

Which category addresses this need?

A.

ID.AM

B.

PR.IP

C.

PR.MA

D.

ID.SC

Full Access
Question # 13

A company implemented an intrusion detection system. They notice the system generates a very large number of false alarms.

What steps should the company take to rectify this situation?

A.

Re-evaluate the Baseline and make necessary adjustments to the detection rules

B.

Replace the intrusion detection system with an intrusion protection system

C.

Define how to identify and disregard the false alarms

D.

Consider evaluating a system from another vendor

Full Access
Question # 14

What determines the technical controls used to restrict access to USB devices and help prevent their use

within a company?

A.

Block use of the USB devices for all employees

B.

Written security policy prohibiting the use of the USB devices

C.

Acceptable use policy in the employee HR on-boarding training

D.

Detect use of the USB devices and report users

Full Access
Question # 15

What is the primary objective of establishing governance and risk management processes for an organization?

A.

Manage assets effectively in accordance with local laws

B.

Minimize cybersecurity risks in conjunction with compliance processes

C.

Determine compliance controls in accordance with national laws

D.

Establish recovery time objectives for critical infrastructure

Full Access
Question # 16

What must be included in the CMDB?

A.

Inventory of uninstalled software

B.

Software End User Licensing Agreements

C.

Dependencies of installed components

D.

Known vulnerabilities of installed software

Full Access
Question # 17

A company suffers a data breach and determines that the threat actors stole or compromised 10,000 user

profiles. The company had planned for such a breach and determined the loss would be around $2 million.

Soon after restoration, the company stock suffered a 30% drop and the loss was nearly $20 million. In addition, the company received negative press.

Which area of risk did the business forget to account for?

A.

Litigation or Legal Risk

B.

Reputational Risk

C.

Vulnerability risk

D.

Business Operational Risk

Full Access
Question # 18

What is concerned with availability, reliability, and recoverability of business processes and functions?

A.

Business Impact Analysis

B.

Business Continuity Plan

C.

Recovery Strategy

D.

Disaster Recovery Plan

Full Access