Pass the GIAC Certification G2700 Questions and answers with ExamsMirror

Sam works as the Network Administrator for uCertify Inc. He has been asked to perform risk analysis. Sam decides to perform it by using CRAMM. The CEO of the organization wants to know the positive points of CRAMM which is going to be used by Sam. Which of the following points will Sam tell the CEO of the organization?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following is a technique for a threat, which creates changes to the project management plan?

David is the owner of Blue Well Inc. The company provides courier services. He decides that it is time to draw up risk analysis for his information system. This includes an inventory of threats and risks. What is the relation among threat, risk, and risk analysis?

The guidelines that are defined in the ISO/IEC 27002:2005 standard deal with which of the following aspects of information security?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following is a structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state?

You work as a Network Administrator for uCertify Inc. You have been assigned the task to select an access control method for the organization's online library so that unethical access can be stopped. You want to apply a condition, i.e., the employee name and the employee code should match to access the library. Which of the following access controls is appropriate to accomplish the task?

You are the Network Administrator for a school. You are concerned that end users' might accidentally have access to resources they do not require. What concept should you implement in your network security management to best address this concern?

You work as a Network Administrator for uCertify Inc. You are responsible for selecting the access control method that will be used for kiosk system software. Your manager wants to have full access to all information about all categories, but the visitors can access only general information about the organization. Which of the following types of access controls is suitable to accomplish this task?

Which of the following is used to shift the impact of a threat to a third party, together with the ownership of the response?

Mark works as a Security Administrator for uCertify Inc. He is responsible to update Standard Operating Procedures (SOPs) in his organization. In this process, Mark needs to update many programs and modify some registry files in the operating system. He wants to make a document of each step taken by him, so that he can come back and restore the system to its actual state if any problem occurred in the update. Which type of document should Mark create to accomplish the task?