Which of the following phases of incident response is MOST appropriate as a FIRST response?
The helpdesk reports increased calls from clients reporting spikes in malware infections on their
systems. Which of the following phases of incident response is MOST appropriate as a FIRST
response?
Who should be contacted FIRST in the event of a security breach?
Who should be contacted FIRST in the event of a security breach?
which of the following steps of incident response does a team analyse the incident and determine steps to prev
In which of the following steps of incident response does a team analyse the incident and
determine steps to prevent a future occurrence?
which of the following types of risk mitigation strategies?
After a recent security breach, the network administrator has been tasked to update and backup
all router and switch configurations. The security administrator has been tasked to enforce stricter
security policies. All users were forced to undergo additional user awareness training. All of these
actions are due to which of the following types of risk mitigation strategies?
Which of the following incident response procedures is best suited to restore the server?
A server dedicated to the storage and processing of sensitive information was compromised with a
rootkit and sensitive data was extracted. Which of the following incident response procedures is
best suited to restore the server?
Which of the following incident response procedures would he need to perform in order to begin the analysis?
In the initial stages of an incident response, Matt, the security administrator, was provided the hard
drives in question from the incident manager. Which of the following incident response procedures
would he need to perform in order to begin the analysis? (Select TWO).
Which of the following is the LEAST volatile when performing incident response procedures?
Which of the following is the LEAST volatile when performing incident response procedures?
which of the following points in an incident should the officer instruct employees to use this information?
The security officer is preparing a read-only USB stick with a document of important personal
phone numbers, vendor contacts, an MD5 program, and other tools to provide to employees. At
which of the following points in an incident should the officer instruct employees to use this
information?
Which of the following would be MOST effective in reducing data leaks in this situation?
After a number of highly publicized and embarrassing customer data leaks as a result of social
engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will
reduce the risk of another data leak. Which of the following would be MOST effective in reducing
data leaks in this situation?
which of the following?
Sara, a company’s security officer, often receives reports of unauthorized personnel having
access codes to the cipher locks of secure areas in the building. Sara should immediately
implement which of the following?