Kahoot Review

Question 1

Responsibility for strategy, data, IT asset

Answer 1

CISO

Question 2

Blocklist filtering, Host Isolation, Segementation

Answer 2

Cybersecurity Incidents

Question 3

Pen test is part of DFIR

Answer 3

False

Question 4

Tools for Data Carving

Answer 4

PhotoRec, HxD, Bulk Extractor

Question 5

Preparation and Planning, Detection and Analysis, Containment, Eradication, Recovery, and Post Incident

Answer 5

NIST Incident Response method

Question 6

you can replace network traffic with Wireshark

Answer 6

False

Question 7

Volatility Tool

Answer 7

Memory Inspection Tool

Question 8

File System changes, Network Activity, Registry changes should be monitored during malware analysis

Answer 8

True

Question 9

What should you use to test malware in an isolated environment/

Answer 9

Sandbox

Question 10

Wireshark is , tcpdump is

Answer 10

GUI, CLI

Question 11

Autoruns tool is

Answer 11

Find persistent malware

Question 12

Registry keys, Services, Schedule

Answer 12

Malware persistence

Question 13

Windows Event Viewer include Alert, Error, Debug

Answer 13

True

Question 14

What does UPX do?

Answer 14

Obfuscate Malware code (Ultimate Packer for Executables

Question 15

Hiding a file within a file is

Answer 15

Steganography

Question 16

What does FTK imager do

Answer 16

clone a drive

Question 17

when data is erased it stays on HDD until overwritten

Answer 17

True

Question 18

File System EXT4

Answer 18

Linux

Question 19

What are ARM, MIPS, NASM?

Answer 19

CPU architecture

Question 20

What does Debugger do

Answer 20

debugs code investigate malware