Incident Planning 4.8 Flashcards
1
Q
Table Top Exercise
A
- Key personnel sit down and discussing how to potentially handle a particular security scenario.
2
Q
Simulation
A
- Allows to perform a simulated attack to see the results.
- Security will intentionally perform a cyber attack.
3
Q
Root Cause Analysis
A
- Determine the root cause of a particular incident.
- Backtracking the incident to create conclusions regard the incident.
- Often incidents can be caused by a simple mistake.
4
Q
Threat Hunting
A
- Finding the threat first before the attacker.
5
Q
Issues with Threat Hunting
A
- Intelligence data is reactive
- You can’t see the attack until it happens.
6
Q
Preparation
A
- Includes all of the work prior to the incident.
7
Q
Detection
A
- Any method of identifying and determining an incident may be actively occurring.
8
Q
Analysis
A
- Provides detailed evidence for a security incident.