Later Phases of Incident Response Flashcards

1
Q

True or false: The vulnerability mitigation method may consist of many methods for handling vulnerabilities.
A. True
B. False

A

A. True
The vulnerability mitigation method may consist of one or more methods for handling vulnerabilities. Patch management and system hardening are examples of vulnerability mitigation.

2
Q

Which of the following are methods of sanitization?
(Choose all that apply)
A. Degaussing
B. Low-level Format
C. Control Erase
D. Data Disposal

A

A. Degaussing
B. Low-level Format
C. Data Disposal

Examples of sanitization include:
Degaussing: Uses an electromagnet to wipe off the data and make the media completely useless. This is a method of physical destruction.
Low-level Format: Removes everything from the hard drive, including the sector address table. Each sector on the hard drive is re-initialized. It is virtually impossible to recover data from a low-level-formatted hard drive. At the end of the low-level format, the hard drive is fresh for use.
Data Disposal: Eliminates the data stored on the hard drive to make it completely unreadable. Even with the use of a specialized tool, data cannot be recovered.
Data overwrite: Data overwrite simply deletes the old data and adds new data on the hard drive. The new data overwrites the sectors where the old data is deleted.
Data Wipe: Data wipe overwrites the hard drive with 0s and 1s and ensures that the data cannot be recovered.
Cryptographic erase: Eliminates the key pair or even the public key. The data is useless on the hard drive after the key pair is eliminated. This method does not damage the drive or its media, and the drive can be further formatted and used.

3
Q

What is the rebuilding of a system called?
A. Reboot
B. Formatting
C. Data Disposal
D. Reconstruction

A

D. Reconstruction
After a system has been sanitized, it can be re-used by rebuilding or reconstructing it. This involves installing an operating system, the applications, and the data on the system. Special-purpose systems, such as web servers, are configured accordingly.

Data Disposal: Data disposal is a part of Sanitization. Data disposal makes the data stored on the hard drive completely unreadable. Even with the use of a specialized tool, data cannot be recovered.

Formatting: Formatting a computer means wiping out all data and file systems from the hard disk to create a new file system on the disk to prepare it for subsequent use.

Reboot: Booting is starting a computer’s operating system. Rebooting is a subsequent start that is usually necessitated by a computer malfunction or a crash. Rebooting restarts the computer and gets it back to working normally.

4
Q

True or false: To prevent any kind of threat to a system, its applications, and operating system, you need to ensure that the system is regularly patched.
A. True
B. False

A

A. True
To prevent any kind of threat to a system, its applications, and operating system, you need to ensure that the system is regularly patched. You must ensure that the available patches are installed not only for the operating system and applications but also for the firmware of the system.

5
Q

What does IR stand for?
A. Incident Report
B. Incident Response
C. Incident Regulations
D. Incident Removal

A

B. Incident Response
IR stands for Incident Response. The incident response (IR) team is tasked with handling any incidents as they appear and working on remediation.
