EC-COUNCIL: EC Council Certified Incident Handler (ECIH v3), EC-COUNCIL.212-89.v2024-02-16.q134

Question 1/134

Incident handling and response steps help you to detect, identify, respond to, and manage an incident. Which of the following helps in recognizing and separating the infected hosts from the information system?

Correct Answer: A
