The Dell EMC DES-9131 Exam is challenging and thorough preparation is essential for success. This exam study guide is designed to help you prepare for the Infrastructure Security Specialist certification exam. It contains a detailed list of the topics covered on the Professional exam, as well as a detailed list of preparation resources. These study guides for the Dell EMC Infrastructure Security Specialist will help guide you through the study process for your certification.

DES-9131 Dell EMC Infrastructure Security Specialist Exam Summary

● Exam Name: Dell EMC Infrastructure Security Specialist

● Exam Code: DES-9131

● Exam Price: $230 (USD)

● Duration: 90 mins

● Number of Questions: 60

● Passing Score: 63%

● Reference Books:

○ Introduction to IT Frameworks and NIST (pre-requisite) - (ES101DSY00354/, ES131DSY00354)

○ Implementing the NIST Cybersecurity Framework (ES102DSY00786/, ES132DSY00786)

● Schedule Exam: Pearson VUE

● Sample Questions: Dell EMC Infrastructure Security Specialist Sample Questions

● Recommended Practice: Dell EMC DES-9131 Certification Practice Exam

Exam Syllabus: DES-9131 Dell EMC Certified Specialist - Infrastructure Security

1. NIST Framework Overview (10%)

- Describe the NIST Framework architecture and purpose including the Core, Tiers, and Profiles

- Describe the topics associated with the Category layer and explain how they align to the NIST Framework functions

2. NIST Framework: Identify Function (18%)

- Describe what constitutes an asset and which assets need to be protected

- Describe the "who/what/why" of a continuously updated inventory

- Describe how discovery and inventory facilitates the planning efforts associated with Disaster Recovery, Incident Response, Communications, and Business Impact Analysis

- Describe the controls for the inventory classification and explain the KPIs developed around these controls

3. NIST Framework: Protect Function (23%)

- Describe the need for creating and documenting a baseline configuration

- Explain how the Business Impact Analysis is integral to the protect function

- Describe the role of the Business Continuity Plan and Business Impact Analysis

- Describe the maintenance and access control subcategory controls for the protect function

- Describe the awareness training, data security and protective technology subcategory controls of the protect function

4. NIST Framework: Detect Function (17%)

- Describe the anatomy of a breach, including what constitutes a breach, why and how it happens, and the steps to avoid a breach

- Identify the methods of detection and how detection can be implemented

- Describe the concept and benefits of continuous monitoring

- Identify and explain the subcategories associated with detection and analysis

5. NIST Framework: Respond Function (17%)

- Describe how to quantify the extent of a security breach

- Describe how to contain a security breach

- Understand and construct an effective Incident Response Plan

- Describe the purpose and details of an effective Communications Plan

- Describe the after action plan and review

6. NIST Framework: Recover Function (15%)

- Determine and describe the considerations when implementing a Disaster Recovery Plan (DRP)

- Describe how the BCP (Business Continuity Plan) supports “timely recovery to normal operations to reduce the impact from a cybersecurity incident.”

- Assess and describe the requirements and processes to return to "business as usual"

- Describe the process of understanding the impact to the business, including reputation and revenue

Dell EMC DES-9131 Certification Sample Questions and Answers

To make you familiar with the Dell EMC Infrastructure Security Specialist (DES-9131) certification exam structure, we have prepared this sample question set. We suggest you to try our Sample Questions for DCS-IS DES-9131 Certification to test your understanding of Dell EMC DES-9131 process with the real Dell EMC certification exam environment.

DES-9131 Dell EMC Infrastructure Security Specialist Sample Questions:-

01. Consider the following situation:

- A complete service outage has occurred, affecting critical services

- Users are unable to perform their tasks

- Customers are unable to conduct business

- Financial impact is beyond the highest allowed threshold

What is the correct classification level for this situation?

a) Safety critical

b) Mission critical

c) Business critical

d) High impact

02. What activity is supported by the Protect function in the NIST Cybersecurity Framework Core?

a) Take action regarding a detected cybersecurity event

b) Manage cybersecurity risk to systems, assets, and data

c) Ensure delivery of critical infrastructure services

d) Ensure resilience and restore services impacted by a cybersecurity event

03. What is the purpose of the Asset Management category?

a) Prevent unauthorized access, damage, and interference to business premises and information

b) Support asset management strategy and information infrastructure security policies

c) Avoid breaches of any criminal or civil law, statutory, regulatory, or contractual obligations

d) Inventory physical devices and systems, software platform and applications, and communication flows

04. What is used to identify critical systems, networks, and data based on their criticality to business operations?

a) Business Impact Analysis

b) Business Organization Analysis

c) Incident Response Plan

d) Business Continuity Plan

05. You have completed a review of your current security baseline policy. In order to minimize financial, legal, and reputational damage, the baseline configuration requires that infrastructure be categorized for the BIA.

Which categorizations are necessary for the BIA?

a) Mission critical and business critical only

b) Mission critical, safety critical, and business critical

c) Security critical, safety critical, and business critical

d) Mission critical and safety critical only

06. At what cyber kill chain stage do attackers use malware to exploit specific software or hardware vulnerabilities on the target, based on the information retrieved at the reconnaissance stage?

a) Installation

b) Reconnaissance

c) Weaponization

d) Delivery

07. Unrecoverable assets are specifically addressed in which function?

a) Identify

b) Respond

c) Protect

d) Recover

08. What entity offers a framework that is ideally suited to handle an organization's operational challenges?

a) COBIT

b) COSO

c) NIST

d) ISO

09. What is used to ensure an organization understands the security risk to operations, assets, and individuals?

a) Risk Management Strategy

b) Risk Assessment

c) Operational Assessment

d) Risk Profile

10. Which type of risk has the potential for the largest monetary impact to an organization?

a) Criminal

b) Governance

c) Operational

d) Litigation

Answers:-

Answer 1:- b

Answer 2:- c

Answer 3:- d

Answer 4:- a

Answer 5:- b

Answer 6:- c

Answer 7:- a

Answer 8:- d

Answer 9:- b

Answer 10:- d