LO4.1 Flashcards

1
Q

What is the typical five-step order for responding to an incident?

A

Inform those involved
Assess extent of the incident
Contain the incident
Eradicate the incident
Reduce the impact and recover from the incident

2
Q

What are three examples of who you may inform when responding to an incident?

A

Customers
Stakeholders
Workers

3
Q

What is the benefit of assessing the extent of the incident?

A

It sets a start point to go from so people know what they’re doing when responding to the incident

4
Q

What are two examples of how you would contain the incident?

A

Isolating certain sensitive systems or data
Implementing security measures to mitigate additional damage

5
Q

What are three examples of how you could eradicate the incident?

A

Delete malware
Disable breached user accounts
Identify all affected hosts

6
Q

What are three examples of how you could reduce the impact and recover from the incident?

A

Rebuild systems from scratch
Install patches
Change passwords
