In what way will having a set of predefined baseline questions will help you in the event of an incident?

Practice More Questions From: Incident Response Graded Quiz

Q:

Select the missing phase of Incident Response: Preparation, _____, Containment, Eradication & Recovery, Post Incident Activity.

Q:

Which statement is true about an incident?

Q:

True or False: A Coordinating Incidents Response Team provides advice and guidance to the Distributed IR teams in each department, but generally does not have specific authority over those teams.

Q:

Which Incident Response Team model describes a team that has authority over all aspects of IR within the entire organization?

Q:

In what way will having a set of predefined baseline questions will help you in the event of an incident?

Q:

Port lists, Documentation, and Cryptographic hashes all belong to which Incident Response resource category?

Q:

Incident Response team resources can be divided into which three (3) of the following categories?

Q:

Which three (3) of the following would be considered an incident detection indicator?

Q:

Which type of monitoring system analyzes logs and events in real time?

Q:

True or False: Highly detailed and thorough documentation is needed to support the analysis of current and future incidents.

Q:

What is the proper classification for a breach that results in sensitive or proprietary information being changed or deleted.

Q:

What is the proper classification for the recovery effort from a breach if sensitive data was stolen and posted on a public web site?

Q:

During which stage of a comprehensive Containment, Eradication & Recovery strategy does NIST recommend considering the following: Eliminate components of the incident, Disable compromised accounts, and Identify and mitigate vulnerabilities?

Q:

Which Post Incident activity would include reviewing response times, which systems were impacted and other metrics associated with the incident?

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments