which of the following phases of the Incident Response process should a security administrator define and impl
During which of the following phases of the Incident Response process should a security
administrator define and implement general defense against malware?
Which of the following stages of the Incident Handling process is the team working on?
The Chief Technical Officer (CTO) has tasked The Computer Emergency Response Team (CERT)
to develop and update all Internal Operating Procedures and Standard Operating Procedures
documentation in order to successfully respond to future incidents. Which of the following stages
of the Incident Handling process is the team working on?
Which of the following phases of incident response is MOST appropriate as a FIRST response?
The helpdesk reports increased calls from clients reporting spikes in malware infections on their
systems. Which of the following phases of incident response is MOST appropriate as a FIRST
response?
Who should be contacted FIRST in the event of a security breach?
Who should be contacted FIRST in the event of a security breach?
which of the following steps of incident response does a team analyse the incident and determine steps to prev
In which of the following steps of incident response does a team analyse the incident and
determine steps to prevent a future occurrence?
which of the following types of risk mitigation strategies?
After a recent security breach, the network administrator has been tasked to update and backup
all router and switch configurations. The security administrator has been tasked to enforce stricter
security policies. All users were forced to undergo additional user awareness training. All of these
actions are due to which of the following types of risk mitigation strategies?
Which of the following incident response procedures is best suited to restore the server?
A server dedicated to the storage and processing of sensitive information was compromised with a
rootkit and sensitive data was extracted. Which of the following incident response procedures is
best suited to restore the server?
Which of the following incident response procedures would he need to perform in order to begin the analysis?
In the initial stages of an incident response, Matt, the security administrator, was provided the hard
drives in question from the incident manager. Which of the following incident response procedures
would he need to perform in order to begin the analysis? (Select TWO).
Which of the following is the LEAST volatile when performing incident response procedures?
Which of the following is the LEAST volatile when performing incident response procedures?
which of the following points in an incident should the officer instruct employees to use this information?
The security officer is preparing a read-only USB stick with a document of important personal
phone numbers, vendor contacts, an MD5 program, and other tools to provide to employees. At
which of the following points in an incident should the officer instruct employees to use this
information?