5B Flashcards

1
Q

The primary goal of the __ ___ is to activate the CIRT and contain the incident.

A

First responder

2
Q

There are six steps taken in response to cyber incidents according to Air Force Instruction _____, Cyber Incident Handling. Keep in mind that the steps and terminology used by the industry at large differ slightly from those used by the USAF.

A

AFI 17-203

3
Q

The six steps taken in response to cyber incidents are:

A
  1. Detection and Reporting of Events
  2. Preliminary Analysis and Identification
  3. Preliminary Response Actions
  4. Incident Analysis
  5. Response and Recovery
  6. Post-Incident Analysis
4
Q

The following describes which step in responding to a cyber incident?

  • Intrusion Detection Systems (IDS) or personnel reports.
  • Gather/report preliminary information.
  • Begin coordinating reporting/response.
A

Detection and Reporting of Events

5
Q

The following describes which step in responding to a cyber incident?

  • Categorize the activity (if upon initial analysis you cannot
    determine the cause, use Category 8: Investigating, and update as required).
  • Gather additional info as required.
  • Classify as required.
  • Send notification messages per SOPs.
A

Preliminary Analysis and Identification

6
Q

The following describes which step in responding to a cyber incident?

  • Contain incident/threat.
  • Preserve data to allow for further incident analysis.
  • Begin chain of custody docs.
A

Preliminary Response Actions

7
Q

The following describes which step in responding to a cyber incident?

  • Is the series of analytical steps taken to find out what occurred in an incident.
  • Analyze data to understand technical details, root cause(s),
    and potential impact.
A

Incident Analysis

8
Q

The following describes which step in responding to a cyber incident?

  • Prevent further damage.
  • Restore integrity of systems.
  • Implement follow-up strategies
A

Response and Recovery

9
Q

The following describes which step in responding to a cyber incident?

  • Review lessons learned.
  • Root cause(s).
  • Problems executing COAs.
  • Missing policies/procedures.
  • Inadequate infrastructure.
A

Post-Incident Analysis
