DIGITAL FORENSICS FINAL.docx - Which part of contingency...

This preview shows page 1 - 4 out of 15 pages.

Which part of contingency planning focuses on updating the plan as soon as a new process is added or deleted from the organization? Maintaining the plan Developing the plan Starting point Impact analysis and risk assessment
Which type of incident is most commonly performed using port scanning?
Reconnaissance Steganography has been used to perform attacks that fall under which classification of incident?
Caveat During which stage of the incident response handling process should the passwords on all affected systems be changed?
When trying to prevent security incidents in the network, what strategy is being employed by reviewing the ISA logs and performing remote-access audits? Establishing defense-in-depth Scanning Securing clients for remote users Detecting intrusions Unauthorized storing or processing of data is classified as what category of security incident? Critical level Mid level Low level High level When assigning resources for support, which of the following incidents has the highest priority? Compromise of restricted confidential service accounts or software installations, in particular those with access to confidential data Denial-of-service attacks Root or system-level attacks on any machine Threats to the physical safety of human beings When estimating the cost of an incident, which of the following is a tangible loss? Loss of goodwill Legal liability Loss of business Corporate reputation
Which member of the incident response team acts as the secondary witness to all the changes made to the computer and network systems during forensic analysis? Incident Liaison (IL) Incident Investigator and Coordinator (IIC) Information System Security Manager (ISSM) Senior System Manager (SSM)
What is the first step in the incident handling process when the network is being attacked by a virus or worm?
What is the most important role for a forensic examiner during investigations?
Maintaining documentation relating to the evidence During any cybercrime investigation, what is the most important factor that forensic scientists must be aware of?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture