CBRCOR Exam QuestionsBrowse all questions from this exam
Go to Exam

CBRCOR Exam - Question 130

Engineers are working to document, list, and discover all used applications within an organization. During the regular assessment of applications from the HR backup server, an engineer discovered an unknown application. The analysis showed that the application is communicating with external addresses on a non- secure, unencrypted channel. Information gathering revealed that the unknown application does not have an owner and is not being used by a business unit. What are the next two steps the engineers should take in this investigation? (Choose two.)

Show Answer
Correct Answer: AD

The engineers should first determine the type of data stored on the affected asset and document the access logs. This will help in assessing the sensitivity and potential impact of the data being communicated over a non-secure channel. Engaging the incident response team is also crucial to handle any possible security breach. Simultaneously, initiating a triage meeting with department leads will help in determining if the application is owned internally or used by any business unit, and in documenting the asset owner. This step is important for accountability and to ensure that no critical organizational application is disrupted unnecessarily.

Discussion

2 comments
Sign in to comment
DrVoIP
Aug 18, 2024

B. Identify who installed the application by reviewing the logs and gather a user access log from the HR department. D. Initiate a triage meeting with department leads to determine if the application is owned internally or used by any business unit and document the asset owner. - ChatGPT

27ea763Options: AB
Jan 23, 2025

I would go with A and B