CISSP PRACTICE QUESTIONS – 20211120

Effective CISSP Questions

Trusted recovery is the ability to ensure recovery without compromise after a system failure. According to the Common Criteria, which of the following types of trusted recovery refers to the situation in which the operating system restores the original state after a software installation fails? (Wentz QOTD)
A. Manual recovery
B. Automated recovery
C. Automated recovery without undue loss
D. Functional recovery

CISSP PRACTICE QUESTIONS – 20211118

Your company plans to outsource recovery work for the ERP system, which is subject to an 8-hour recovery time objective (RTO). It negotiates the service level with a service provider and reaches a verbal agreement. However, the signed service-level agreement is mistakenly written with a 16-hour RTO. As the agreement signer, which of the following should you have followed to ensure the agreement is effective? (Wentz QOTD)
A. Due diligence
B. Civil investigation
C. Parol evidence rule
D. Information security policy

CISSP PRACTICE QUESTIONS – 20211117

According to ISO/IEC 27035-3, investigation refers to the systematic or formal process of inquiring into or researching, and examining facts or materials associated with a matter. Which of the following most likely involves electronic discovery demands? (Wentz QOTD)
A. Civil investigation
B. Administrative investigation
C. Internal investigation
D. Operational investigation

CISSP PRACTICE QUESTIONS – 20211116

Your organization sets out an access control policy. You are evaluating access control mechanisms to support it. Which of the following is correct? (Wentz QOTD)
A. Mandatory and discretionary protection are mutually exclusive in a trusted computer system.
B. Bell-LaPadula and Biba models are mutually exclusive in a trusted computer system.
C. Conflict-of-interest classes are mutually exclusive in the Brewer and Nash model.
D. Zero Trust and the castle-and-moat network security model are mutually exclusive.

CISSP PRACTICE QUESTIONS – 20211115

Your organization has a 24-hour recovery point objective for a file server and implements a backup strategy with the lowest overhead and the best efficiency in terms of restoration. If it conducts a full backup at 00:00 AM every Sunday, which of the following is most likely to be restored when a storage failure happens at 10:00 AM on Wednesday? (Wentz QOTD)
A. The Wednesday full backup set only
B. The Sunday full backup set and one differential backup set
C. The Sunday full backup set and three incremental backup sets
D. Both before and after images (BFIM and AFIM)
