Join the discussion
Question 1/33
The incident response team has completed root cause analysis for an incident. Which of the following actions should be taken in the next phase of the incident response process? (Choose two.)
Correct Answer: B,E
Add Comments
- Other Question (33q)
- Q1. The incident response team has completed root cause analysis for an incident. Which of the...
- Q2. When attempting to determine which system or user is generating excessive web traffic, ana...
- Q3. Which of the following is the FIRST step taken to maintain the chain of custody in a foren...
- Q4. An organization recently suffered a data breach involving a server that had Transmission C...
- Q5. If a hacker is attempting to alter or delete system audit logs, in which of the following ...
- Q6. A government organization responsible for critical infrastructure is being attacked and fi...
- Q7. Which of the following are part of the hardening phase of the vulnerability assessment pro...
- Q8. Which of the following technologies would reduce the risk of a successful SQL injection at...
- Q9. An incident at a government agency has occurred and the following actions were taken: - Us...
- Q10. A security investigator has detected an unauthorized insider reviewing files containing co...
- Q11. Which of the following types of attackers would be MOST likely to use multiple zero-day ex...
- Q12. In which of the following attack phases would an attacker use Shodan?...
- Q13. An incident responder discovers that the CEO logged in from their New York City office and...
- Q14. While planning a vulnerability assessment on a computer network, which of the following is...
- Q15. Malicious code designed to execute in concurrence with a particular event is BEST defined ...
- Q16. An incident responder was asked to analyze malicious traffic. Which of the following tools...
- Q17. Which of the following security best practices should a web developer reference when devel...
- Q18. Which of the following is the GREATEST risk of having security information and event manag...
- Q19. A security administrator is investigating a compromised host. Which of the following comma...
- Q20. Which of the following enables security personnel to have the BEST security incident recov...
- Q21. An incident response team is concerned with verifying the integrity of security informatio...
- Q22. Which of the following is a method of reconnaissance in which a ping is sent to a target w...
- Q23. Which of the following would MOST likely make a Windows workstation on a corporate network...
- Q24. Which of the following are well-known methods that are used to protect evidence during the...
- Q25. A company website was hacked via the following SQL query: email, passwd, login_id, full_na...
- Q26. A security operations center (SOC) analyst observed an unusually high number of login fail...
- Q27. According to company policy, all accounts with administrator privileges should have suffix...
- Q28. An unauthorized network scan may be detected by parsing network sniffer data for:...
- Q29. The Key Reinstallation Attack (KRACK) vulnerability is specific to which types of devices?...
- Q30. During the forensic analysis of a compromised computer image, the investigator found that ...
- Q31. During a security investigation, a suspicious Linux laptop is found in the server room. Th...
- Q32. Which of the following is a cybersecurity solution for insider threats to strengthen infor...
- Q33. After successfully enumerating the target, the hacker determines that the victim is using ...
