Incident Response and Recovery Flashcards

1
Q

What is clock synchronization?

A

Keeping the clocks of clients and servers aligned (normally via NTP against a common time source) so that timestamps in event logs from different systems can be correlated reliably during analysis.
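The correlation problem this card describes, as an added example that is not part of the flashcard deck: it measures a server's clock offset with the NTP offset formula and uses that offset to put client and server log entries on one reference clock. The host names, timestamps and log messages are constructed for illustration.

```python
# Added example, not part of the flashcard deck: measure a server's clock
# offset with the NTP offset formula and use it to put client and server log
# entries on one reference clock. Host names, timestamps and log messages
# below are constructed for illustration.
from datetime import datetime, timedelta, timezone


def ntp_offset(t1, t2, t3, t4):
    """Clock offset of the server relative to the client (NTP, RFC 5905).

    t1 = client send time, t2 = server receive time,
    t3 = server send time,  t4 = client receive time.
    theta = ((t2 - t1) + (t3 - t4)) / 2; positive means the server clock
    runs ahead of the client. Symmetric network delay cancels out.
    """
    return ((t2 - t1) + (t3 - t4)) / 2


def normalize(events, skew_seconds):
    """Convert (iso_timestamp, message) pairs to UTC and subtract the host's
    measured skew so that every event is expressed on the reference clock."""
    skew = timedelta(seconds=skew_seconds)
    return [(datetime.fromisoformat(ts).astimezone(timezone.utc) - skew, msg)
            for ts, msg in events]


def merged_timeline(client_events, server_events, server_skew_seconds):
    """Merge two hosts' logs into one chronologically ordered timeline.
    The client is treated as the reference clock (skew 0)."""
    merged = normalize(client_events, 0.0) + normalize(server_events, server_skew_seconds)
    merged.sort(key=lambda e: e[0])
    return merged


# Constructed sample: the server logs in UTC+02:00 and its clock is 30 s fast.
CLIENT_LOG = [
    ("2024-05-01T10:00:05+00:00", "fw: allowed 10.0.0.12 -> 10.0.0.40:22"),
    ("2024-05-01T10:00:20+00:00", "fw: allowed 10.0.0.12 -> 10.0.0.40:443"),
]
SERVER_LOG = [
    ("2024-05-01T12:00:36+02:00", "sshd: accepted publickey for ops from 10.0.0.12"),
    ("2024-05-01T12:00:52+02:00", "nginx: GET /admin from 10.0.0.12"),
]
# Four constructed NTP timestamps: the server answered 30 s "in the future".
SERVER_SKEW = ntp_offset(1000.0, 1030.0, 1031.0, 1001.0)  # 30.0 s

if __name__ == "__main__":
    for t, msg in merged_timeline(CLIENT_LOG, SERVER_LOG, SERVER_SKEW):
        print(t.isoformat(), msg)
```

Without the correction the sshd login appears 31 s after the firewall saw the SSH connection and after the HTTPS connection, which makes the sequence of events look wrong; with the measured skew removed, each server entry lands about one second after the firewall event that caused it.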

2
Q

What is eradication?

A

Finding and eliminating all copies of the causal agents, such as malware files or unauthorized user accounts, from every affected system.

3
Q

How do you provide incident response support to forensic investigations?

A

Secure the scene, protect evidence from alteration, and establish and maintain the chain of custody for all evidence collected.
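The chain-of-custody part of this answer, as an added example that is not part of the flashcard deck: the evidence item is hashed when acquired, and every hand-off recomputes and records the hash so the log shows both who held the item and that it was not altered. The item ID, custodian names and evidence bytes are constructed for illustration.

```python
# Added example, not part of the flashcard deck: hash evidence at acquisition
# and re-verify the hash at every hand-off so the custody log shows both who
# held the item and that it was not altered. Item IDs, custodian names and
# the evidence bytes are constructed for illustration.
import hashlib
from datetime import datetime, timezone


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class CustodyRecord:
    """Chain-of-custody log for one evidence item."""

    def __init__(self, item_id, data, collected_by, when=None):
        self.item_id = item_id
        self.acquisition_hash = sha256_hex(data)   # reference hash, never changes
        self.entries = []
        self._log("acquired", collected_by, self.acquisition_hash, when)

    def _log(self, action, custodian, digest, when=None):
        ts = when or datetime.now(timezone.utc)
        self.entries.append({"time": ts.isoformat(), "action": action,
                             "custodian": custodian, "sha256": digest})

    def transfer(self, data, from_custodian, to_custodian, when=None):
        """Hand the item over. The receiving party recomputes the hash; a
        mismatch is recorded in the log and the transfer is refused."""
        digest = sha256_hex(data)
        if digest != self.acquisition_hash:
            self._log(f"REJECTED transfer to {to_custodian}: hash mismatch",
                      from_custodian, digest, when)
            return False
        self._log(f"transferred to {to_custodian}", from_custodian, digest, when)
        return True

    def is_intact(self, data):
        return sha256_hex(data) == self.acquisition_hash


# Constructed evidence: a tiny byte string standing in for a disk image.
EVIDENCE = b"\x00" * 16 + b"MBR-stand-in" + b"\x00" * 16


def demo():
    """Acquire, hand off a good copy, then attempt a hand-off of a tampered copy."""
    rec = CustodyRecord("HDD-0001", EVIDENCE, "responder A",
                        datetime(2024, 5, 1, 11, 0, tzinfo=timezone.utc))
    ok_transfer = rec.transfer(EVIDENCE, "responder A", "forensics lab")
    bad_transfer = rec.transfer(EVIDENCE + b"\x01", "forensics lab", "evidence locker")
    return rec, ok_transfer, bad_transfer


if __name__ == "__main__":
    record, _, _ = demo()
    for entry in record.entries:
        print(entry)
```

In practice the acquisition hash is also written onto the signed custody form and a write-blocker is used during imaging, so the hash recorded here can be compared against a copy the analyst cannot modify.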

4
Q

What are the phases of incident response?

A
  1. Detection
  2. Characterization
  3. Containment
  4. Eradication
  5. Restoration
  6. Reporting

Preparation is the phase that comes before the first detection.

5
Q

What kind of things might be an indicator of compromise?

A

Recognizable malware signatures (for example known-bad file hashes), or attempts to reach IP addresses or domain names associated with known or suspected botnet command-and-control servers.
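The indicator types listed in this answer applied to log data, as an added example that is not part of the flashcard deck: a small scanner that checks constructed proxy, DNS and antivirus log lines against sets of known-bad IPs, C2 domains (including their subdomains) and malware file hashes. The IoC values and the log lines are made up; the IP addresses come from the TEST-NET documentation ranges.

```python
# Added example, not part of the flashcard deck: scan log lines for
# indicators of compromise. The IoC sets and log lines below are constructed
# for illustration (IPs are from documentation ranges; the hash is sha256("test")).
import re

BAD_IPS = {"203.0.113.45", "198.51.100.7"}
BAD_DOMAINS = {"c2.example.net", "update-check.example.org"}
BAD_HASHES = {"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"}

IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)
SHA256_RE = re.compile(r"\b[0-9a-f]{64}\b", re.I)


def domain_matches(domain, bad_domains):
    """True if domain equals a known C2 domain or is a subdomain of one.
    Case and a trailing dot are ignored; 'notc2.example.net' must not match."""
    d = domain.lower().rstrip(".")
    return any(d == bad or d.endswith("." + bad) for bad in bad_domains)


def scan_line(line):
    """Return a list of (indicator_type, value) hits found in one log line."""
    hits = []
    for ip in IP_RE.findall(line):
        if ip in BAD_IPS:
            hits.append(("ip", ip))
    for dom in DOMAIN_RE.findall(line):
        if domain_matches(dom, BAD_DOMAINS):
            hits.append(("domain", dom))
    for digest in SHA256_RE.findall(line):
        if digest.lower() in BAD_HASHES:
            hits.append(("hash", digest.lower()))
    return hits


def scan_logs(lines):
    """Return (line_number, line, hits) for every line with at least one hit."""
    return [(n, line, hits) for n, line in enumerate(lines, 1)
            if (hits := scan_line(line))]


# Constructed log lines from a web proxy, a DNS resolver and an AV agent.
LOG_LINES = [
    "2024-05-01T10:00:01Z proxy src=10.0.0.12 dst=203.0.113.45 host=beacon.c2.example.net GET /gate.php",
    "2024-05-01T10:00:02Z dns client=10.0.0.12 query=www.example.com type=A",
    "2024-05-01T10:00:03Z av host=WS-12 file=C:\\Users\\u\\invoice.exe "
    "sha256=9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 action=quarantine",
    "2024-05-01T10:00:04Z proxy src=10.0.0.15 dst=192.0.2.10 host=www.example.com GET /",
]

if __name__ == "__main__":
    for n, line, hits in scan_logs(LOG_LINES):
        print(f"line {n}: {hits}")
```

Matching on the parent domain rather than the exact hostname matters because C2 beacons usually use per-victim or rotating subdomains; the suffix check with a leading dot avoids false positives on look-alike names that merely end in the same characters.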

6
Q

What is the main difference between WIDS and WIPS as compared with NIDS and NIPS?

A

Wireless detection and prevention must extend down into Layer 1 and Layer 2 traffic and may also involve RF surveillance and mapping to identify interference, jamming, or rogue devices.

Wired NIDS/NIPS do not analyze the physical medium and focus mainly on Layer 3 and above.
