GradePack


Senior management of ABC Company has identified you as the i…

Senior management of ABC Company has identified you as the individual to implement the company’s incident response protocol. ABC senior management is considering the adoption of NIST SP 800-61 as the basis for its incident response life cycle approach. You have been tasked with providing a report to management that includes detailed process steps for each phase of the incident response life cycle. Using NIST SP 800-61, your employee has drafted key aspects of each phase of the life cycle for you to review before sharing the report with senior management. Excerpts from the draft are provided below. Select from the option list provided the appropriate word or phrase to complete each statement below. Each choice may be used once, more than once, or not at all.

Excerpt (Word or Phrase):
    • The preparation phase of the incident response life cycle includes _____.
    • The acquisition of the tools, resources, and software for the team is considered part of the _____ phase.
    • The _____ phase includes determination of the incident’s scope, origination of the incident, and the method used to cause the incident.
    • Evidence gathering and identification of attacking hosts occurs during the _____ phase.
    • According to NIST, holding a “lessons learned” meeting should be part of the _____ phase.


Select from the option list provided the applicable incident…

Select from the option list provided the applicable incident response life cycle phase, if any, for each description indicated below. Each choice may be used once, more than once, or not at all.

Description (Phase):
    • Evidence gathering and handling.
    • Prevention of incidents before they occur.
    • Identify and mitigate exploited vulnerabilities.
    • Identification of incidents.
    • Create a follow‐up report.
    • Identify attacking hosts.
    • Notification of stakeholders per organizational reporting requirements.
    • Acquisition of the tools, resources, and software required.
    • Hold a meeting to discuss lessons learned.
    • Prioritization of incidents by their significance.


Indicate which statements about materiality in a SOC 1 engag…

Indicate which statements about materiality in a SOC 1 engagement are true by selecting the appropriate circle.

1.
    A. The service auditor’s determination of materiality is a matter of professional judgment.
    B. The client typically participates in the determination of materiality.
2.
    A. Materiality should consider the perception of the overall information needs of the user auditor of the service organization.
    B. The concept of materiality relates to the dollar values in financial statements of user entities.
3.
    A. Evaluating materiality related to controls primarily includes the consideration of quantitative factors.
    B. Materiality should be based on the needs of the most conservative user; in that way all users are protected.
4.
    A. The auditor should consider collectively uncorrected misstatements identified during the engagement when evaluating whether they are material.
    B. Material misstatements result in modified SOC 1 opinions.


Which NFL team has won the most Super Bowl titles (tied for…

Which NFL team has won the most Super Bowl titles (tied for the most as of recent years)?


A senior auditor is leading an engagement to evaluate manage…

A senior auditor is leading an engagement to evaluate management’s efforts to apply the COSO Internal Control – Integrated Framework to its risk mitigation efforts for security. More specifically, the senior auditor has been tasked with conducting a cyber risk assessment. The purpose of the cyber risk assessment is to evaluate management’s efforts to document its cyber risks, controls, and its alignment of business objectives with IT. Within the senior auditor’s draft report for management, the senior auditor makes a number of statements. Using the senior auditor’s draft included below, review each statement to ensure that it aligns with the objectives and purpose of the engagement.

#1 COSO Risk Assessment Statement
The risk assessment the cyber risk management efforts.

#2 Alignment of Technology and the Business
An organization’s cyber risk assessment

#3 Incorporation into the Entity-Wide Risk Assessment
An organization’s cyber risk assessment

#4 Continuous Improvement
Management should

#5 Application of the COSO Framework
Because COSO is a framework,


An IT manager is preparing a memo to management describing t…

An IT manager is preparing a memo to management describing the nature of incident response planning and the classification of incidents. Excerpts from the memo are provided below. Select from the option list provided the appropriate word or phrase to complete each statement below. Each choice may be used once, more than once, or not at all.

Excerpt (Word or Phrase):

Purpose of Incident Response
The goal of incident response management is to _____ attacks and to _____ and cost.

Incident Response Planning
Incident response planning often includes, but is not limited to, items such as _____, required activities, _____, _____, and measures to monitor the effectiveness of the organization’s capabilities.

Incident Response Steps
More generally, incident response entails the steps used to prepare for, _____ a data breach.

Classification
Whereas a security _____ may result in damage, in a(n) _____, protected data are confirmed to have been accessed by an illicit third party.


Smith Company is implementing its cyber risk activities into…

Smith Company is implementing its cyber risk activities into its existing enterprise risk management (ERM) efforts. Smith uses the COSO ERM framework to provide a basis for coordinating and integrating all of its risk management activities. Using the option list below, identify the relevant component of the COSO ERM framework that applies to each description. Each choice may be used once, more than once, or not at all.

Description (ERM Component):
    • Cyber risk management is integrated into planning.
    • The organization prioritizes risks according to their severity and the organization’s cyber risk appetite.
    • Cyber risk management capabilities and performance are examined to assess their value proposition.
    • Cyber risks that may affect the achievement of strategy and business objectives are identified and assessed.
    • Relevant information from external sources is used to support cyber risk management.
    • The entity’s tone is set.
    • Relevant information from internal sources is used to support cyber risk management.
    • Cyber risk management capabilities and performance are examined to drive value through change.
    • The importance of cyber vigilance is reinforced, and oversight responsibilities are established.


The attestation standards apply to SOC engagements. Select f…

The attestation standards apply to SOC engagements. Select from the option list provided the word or phrase that best completes each SOC requirement of the service auditor below.

Requirement (Word or Phrase):
    • Requiring the service auditor to be _____
    • Assessing the _____ of management
    • Obtaining _____
    • Using proper planning and _____
    • Requiring management to provide _____
    • Addressing _____
    • Gaining an understanding of _____
    • Collecting _____
    • Preparing a _____
    • Documenting _____


Mindfulness practices are likely to bring about benefits for…

Mindfulness practices are likely to bring about benefits for people with anxiety disorders, binge eating disorders, and addictive disorders (like gambling) by increasing physiological feelings of calm and decreasing the personality trait of:


Collections, Inc., is a firm that offers accounts receivable…

Collections, Inc., is a firm that offers accounts receivables billing and collection services to a variety of customers. Collections has inquired about hiring you as a service auditor, and you must reply to this inquiry.

Excerpt from Bathko’s Response

Thank you for allowing me to provide information about my services. The American Institute of Certified Public Accountants has established standards for System and Organization Controls (SOC) services that provide assurance over controls. Due to these high standards, this form of assurance is often requested by

I will provide you with high quality services. The standards of my profession require me to be properly trained and

I will perform a number of procedures to gather evidence to support my opinion. You will be required to provide me with information from your firm as I request it. Early in the engagement, I will ask you to

Near the end of the engagement, I will request

I can provide you with a SOC 1 Type 1 report or a SOC 1 Type 2 report. A SOC 1 Type 2 report will provide your clients with assurance in the form of an opinion that the controls are
