Practice More Questions From: Incident Response Graded Quiz
Q:
Select the missing phase of Incident Response: Preparation, _____, Containment, Eradication & Recovery, Post Incident Activity.
Q:
Which statement is true about an incident?
Q:
True or False: A Coordinating Incidents Response Team provides advice and guidance to the Distributed IR teams in each department, but generally does not have specific authority over those teams.
Q:
Which Incident Response Team model describes a team that has authority over all aspects of IR within the entire organization?
Q:
In what way will having a set of predefined baseline questions help you in the event of an incident?
Q:
Port lists, Documentation, and Cryptographic hashes all belong to which Incident Response resource category?
Q:
Incident Response team resources can be divided into which three (3) of the following categories?
Q:
Which three (3) of the following would be considered an incident detection indicator?
Q:
Which type of monitoring system analyzes logs and events in real time?
Q:
True or False: Highly detailed and thorough documentation is needed to support the analysis of current and future incidents.
Q:
What is the proper classification for a breach that results in sensitive or proprietary information being changed or deleted?
Q:
What is the proper classification for the recovery effort from a breach if sensitive data was stolen and posted on a public web site?
Q:
During which stage of a comprehensive Containment, Eradication & Recovery strategy does NIST recommend considering the following: Eliminate components of the incident, Disable compromised accounts, and Identify and mitigate vulnerabilities?
Q:
Which Post Incident activity would include reviewing response times, which systems were impacted and other metrics associated with the incident?