11-3

Question 1

the nature of IT is ________, so its important to have a change control process

Answer 1

change

Question 2

a change control request should have the following

Answer 2

manager signs request
it unit verifies the request
it unit verifies the change
it unit plans to implement change
date and time of change scheduled

Question 3

you must have some sort of plan for how to respond should a security _________ occur.

Answer 3

breach

Question 4

when a virus hits your system immediately ___________ that system

Answer 4

quarantine

Question 5

after a successful quarantine has been implemented, you should take the following steps

Answer 5

scan / clean each machine
log the incident
bring machines online in stages
notify appropriate leaders
roundtable with IT staff tp discuss breach

Question 6

use firewall logs or IDS to find out which IP address ____________ the attack

Answer 6

originates

Question 7

be aware that an intrusion investigation could tune into a __________ investigation

Answer 7

criminal

Question 8

every incident response team should have some training in digital ____________

Answer 8

forensics

Question 9

immediately copy the logs of all affected ___________

Answer 9

systems

Question 10

immediately ________ all systems for trojan horses, firewall setting changes, etc.

Answer 10

scan

Question 11

document _______________

Answer 11

everything

Question 12

change all affected user ___________

Answer 12

password

Question 13

inform appropriate leaders of the incident, followed by an IT

Answer 13

roundtable

Question 14

with __________ , you want to make sure that your data is accurate, confidential, and available only to those who are authorized

Answer 14

access control

Question 15

no matter how good your firewalls, proxy server, virus scanning, and policies. if your developers create a code that is flawed, you will have ______________

Answer 15

security breaches.