Incident response

Question 1

_____ is an incident response lifecycle phase pertaining to finding the root cause of an incident. For example, a user clicking a malicious link in an email is a root cause for a potentially larger problem.

Answer 1

Eradication

Question 2

______ is a stage in the incident response lifecycle. In this stage, the goal is to limit the scope and reach of the event. One approach in _____ is to isolate infected systems.

Answer 2

Containment

Question 3

_____ is a stage in the incident response lifecycle. This stage ensures the threat no longer exists and all systems are brought back to a secure state.

Answer 3

Recovery

Question 4

With a _____ exercise, staff will “ghost” the same procedures as they would in a disaster, without actually creating disaster conditions or applying or changing anything.

Answer 4

tabletop

Question 5

______ provide basic awareness and training for disaster recovery team members, these exercises describe the contents of disaster recovery plans and other plans, and the roles and responsibilities outlined in those plans.

Answer 5

Walkthroughs

Question 6

______ exercises are action-based sessions where employees can validate all plans by performing scenario-based activities in a simulated environment.

Answer 6

Functional

Question 7

______ exercises are action-based sessions that reflect real situations. These exercises are held onsite and use real equipment and real personnel as much as possible.

Answer 7

Full-scale

Question 8

_______ is a collection of processes that enable an organization to maintain normal business operations in the face of some adverse event

Answer 8

Continuity of Operations (COOP)