Which of the following phases of incident response is MOST appropriate as a FIRST response?
The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems.
Which of the following phases of incident response is MOST appropriate as a FIRST response?
Who should be contacted FIRST in the event of a security breach?
Who should be contacted FIRST in the event of a security breach?
which of the following steps of incident response does a team analyse the incident and determine steps to prev
In which of the following steps of incident response does a team analyse the incident and determine
steps to prevent a future occurrence?
which of the following types of risk mitigation strategies?
After a recent security breach, the network administrator has been tasked to update and backup all
router and switch configurations. The security administrator has been tasked to enforce stricter security
policies. All users were forced to undergo additional user awareness training. All of these actions are due
to which of the following types of risk mitigation strategies?
Which of the following incident response procedures is best suited to restore the server?
A server dedicated to the storage and processing of sensitive information was compromised with a
rootkit and sensitive data was extracted. Which of the following incident response procedures is best
suited to restore the server?
Which of the following incident response procedures would he need to perform in order to begin the analysis?
In the initial stages of an incident response, Matt, the security administrator, was provided the hard
drives in question from the incident manager. Which of the following incident response procedures
would he need to perform in order to begin the analysis? (Select TWO).
Which of the following is the LEAST volatile when performing incident response procedures?
Which of the following is the LEAST volatile when performing incident response procedures?
which of the following points in an incident should the officer instruct employees to use this information?
The security officer is preparing a read-only USB stick with a document of important personal phone
numbers, vendor contacts, an MD5 program, and other tools to provide to employees. At which of the
following points in an incident should the officer instruct employees to use this information?
Which of the following would be MOST effective in reducing data leaks in this situation?
After a number of highly publicized and embarrassing customer data leaks as a result of social
engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce
the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in
this situation?
which of the following?
Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes
to the cipher locks of secure areas in the building. Sara should immediately implement which of the
following?