DES-9131 Specialist - Infrastructure Security Exam Questions and Answers

The CSF recommends that the Communication Plan for an IRP include audience, method of communication, frequency, and what other element?

Your firewall blocked several machines on your network from connecting to a malicious IP address. After

reviewing the logs, the CSIRT discovers all Microsoft Windows machines on the network have been affected based on a newly published CVE.

Based on the IRP, what should be done immediately?

What are the four tiers of integration within the NIST Cybersecurity Framework?

An organization has a policy to respond “ASAP” to security incidents. The security team is having a difficult time prioritizing events because they are responding to all of them, in order of receipt.

Which part of the IRP does the team need to implement or update?

What must be done before returning a compromised laptop to normal operations in the environment?

You need to review your current security baseline policy for your company and determine which security

controls need to be applied to the baseline and what changes have occurred since the last update.

Which category addresses this need?