A security analyst is reviewing an endpoint that was found to have a rootkit installed. The rootkit survived multiple attempts to clean the endpoint, as well as an attempt to reinstall the OS. The security analyst needs to implement a method to prevent other endpoints from having similar issues. Which of the following would BEST accomplish this objective?
A security administrator is confirming specific ports and IP addresses that are monitored by the IPS-IDS system as well as the firewall placement on the perimeter network between the company and a new business partner. Which of the following business documents defines the parameters the security administrator must confirm?
While an employee is on vacation, suspicion arises that the employee has been involved in malicious activity on the network. The security engineer is concerned the investigation may need to continue after the employee returns to work. Given this concern, which of the following should the security engineer recommend to maintain the integrity of the investigation?
The Chief Financial Officer (CFO) of an organization wants the IT department to add the CFO's account to the domain administrator group. The IT department thinks this is risky and wants support from the security manager before proceeding. Which of the following BEST supports the argument against providing the CFO with domain administrator access?