In which step of the incident response methodology is

  • No School
  • AA 1
  • aksdwi26
  • 53
  • 91% (32) 29 out of 32 people found this document helpful

This preview shows page 38 - 41 out of 53 pages.

QUESTION 9 1. In which step of the incident response methodology is the goal to restore the system to normal operations? ContainmentRemediationRecoveryAftermath 10 points QUESTION 101.Which step of the incident response methodology includes setting up a reasonable set of defenses/controls, creating a set of procedures to deal with incidents, obtaining the resources and personnel necessary to deal with the problem, and establishing an infrastructure to support incident response? 10 points QUESTION 111.According to the University of Winnipeg Incident Response Procedures, which of the following is responsible for confirming incidents and coordinating resources to handle them?
Image of page 38
10 points QUESTION 121.In which step of the incident response methodology do you detect the incident, determine its scope, and involve the appropriate parties? 10 points QUESTION 13 1. According to the University of Winnipeg classification of incident levels, which of the following categories refers to incidents that are completely unexpected and result in extreme disruption/loss to core services and the ability to meet mission objectives? LowMediumHighCritical 10 points QUESTION 14 1. Which step of the incident response methodology might include actions such as disconnecting the compromised area from the network, isolating the source of the attack, disconnecting the affected computer(s) in order to perform further investigation, or terminating unwanted connections or processes on affected machines?
Image of page 39
10 points QUESTION 15 1. According to the University of Winnipeg classification of incident levels, which of the following categories refers to incidents that result in little to no loss of sensitive information, little or very limited impact operations, and minimal risk of negative financial impact? 10 points QUESTION 16 1. If you are reacting to a malicious software attack, such as a virus and its spread, during which step in the incident response process are you attempting to minimize its spreading? 10 points QUESTION 17 1. Which of the following statements is true regarding the information used in responding to and handling an incident? The provider of the incident response information and the consumer of the incident response information are the same party.Senior management possesses the subject matter expertise to handle the incident but does not approve the response policy and budget.It is up to the incident response team to either give or deny approval and make the decisions that might impact business.Management remains the consumer and chief decider, based on information provided to it by the experts.
Image of page 40
Image of page 41

You've reached the end of your free preview.

Want to read all 53 pages?

  • Fall '19

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture