Following a complete outage of the electronic medical record system for more than 18 hours, the hospital's Chief Executive Officer (CEO) has requested that the Chief Information Security Officer (CISO) perform an investigation into the possibility of a disgruntled employee causing the outage maliciously. To begin the investigation, the CISO pulls all event logs and device configurations from the time of the outage. The CISO immediately notices the configuration of a top-of-rack switch from one day prior to the outage does not match the configuration that was in place at the time of the outage. However, none of the event logs show who changed the switch configuration, and seven people have the ability to change it. Because of this, the investigation is inconclusive. Which of the following processes should be implemented to ensure this information is available for future investigations?
A) Asset inventory management
B) Incident response plan
C) Test and evaluation
D) Configuration and change management
Correct Answer:
Verified
Q302: After an employee was terminated, the company
Q303: A company's user community is being adversely
Q304: A product manager is concerned about the
Q305: The director of sales asked the development
Q306: The audit team was only provided the
Q308: A new database application was added to
Q309: After embracing a BYOD policy, a company
Q310: A regional transportation and logistics company recently
Q311: A company is moving all of its
Q312: A security appliance vendor is reviewing an
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents