CYB 150 Wk 3 – Practice: Quiz

0 items
CYB 150 Wk 3 - Practice: Quiz
CYB 150 Wk 3 – Practice: Quiz
$5.00
Go to the store page
  • Description

CYB 150 Wk 3 – Practice: Quiz

  1. Question 1

3/3

  1. Who can prioritize the occurrence of an incident on the amount of loss it caused to the organization?

Hide answer choices

IR custodians

IR officer

IR assessment team

IT staff

  1. Question 2

3/3

  1. Which of the following IRT role is responsible for providing legal advice for the organization?

Hide answer choices

IT staff

Attorney

HR representative

Physical security staff

  1. Question 3

3/3

  1. Among the following, whose pretext can enable an incident response team (IRT) to work on an incident?

Hide answer choices

Decision maker

Incident analyzer

Evidence examiner/investigator

First responder

  1. Question 4

3/3

  1. Which of the following is the first response rule of the first responder?

Hide answer choices

Contain the damage.

Prevent attempts to retrieve data by unqualified individuals.

Make an initial incident assessment.

Restrict himself from doing an investigation.

  1. Question 5

3/3

  1. Who among the following is responsible for protecting, integrating, and preserving any evidence obtained from a crime scene?

Hide answer choices

Evidence manager

IR manager

First responder

Evidence examiner/investigator

  1. Question 6

3/3

  1. In which of the following types of alerts is an alarm not raised even when an incident occurs because of failure to properly define rules in the alerting system?

Hide answer choices

True negative

False negative

True positive

False positive

  1. Question 7

3/3

  1. Which of the following can best describe the impact of a medium-level security incident?

Hide answer choices

It disrupts the normal working of the organization.

It affects a few systems or services in an organization.

It may lead to a financial crisis.

It has no chance of propagating to other systems or services.

  1. Question 8

3/3

  1. Which among the following actions should a first responder take when an incident occurs in an organization?

Hide answer choices

Allow users to work on the suspected device.

Disable virus protection on the suspected device.

Change the state of the suspected device.

Start an investigation as soon as possible.

  1. Question 9

3/3

  1. Who among the following must decide whether to disconnect a suspected device from the network or let it stay connected after detecting an incident?

Hide answer choices

First responder

IT staff

Forensics examiner

Information security team

  1. Question 10

3/3

  1. Which of the following actions taken by a first responder can make evidence invalid in court and land them in legal trouble?

Hide answer choices

Initiating the investigation without approval

Disabling the virus protection on the suspected device

Alerting the management late

Not informing the IR team soon