Domain 4: Operations and Incident Response Flashcards

1
Q

What is incident response?

A

Incident response is the process of identifying, investigating, and responding to security incidents to minimize damage and restore normal operations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is a SIEM (Security Information and Event Management) system?

A

A SIEM system is a tool that collects, correlates, and analyzes security data from various sources to detect and respond to security incidents.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a forensics investigation?

A

A forensics investigation is the process of collecting, preserving, analyzing, and presenting digital evidence in a manner suitable for legal proceedings.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a playbook in cybersecurity?

A

A playbook is a predefined set of procedures and steps to be followed during specific types of security incidents or attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a vulnerability scan?

A

A vulnerability scan is an automated process that identifies security weaknesses in systems, networks, and applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly