LO4.2 Flashcards

1
Q

What are the twelve components of a typical cyber security incident report?

A

Title and Date
Target of incident
Incident category
Description of incident
Type of attacker
Purpose of incident
Technique(s) used by attacker(s)
Capability of attacker(s)
Impact of incident
Cost of incident
Responses needed
Future management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Why is the date important for a cyber security incident report?

A

So it can be cross-referenced with other activity such as updates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What could be noted for the target of the incident?

A

Whether the incident was targeted upon the organisation, a particular department or just an individual or if the target was upon hardware, software, information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the four incident categories?

A

Critical
Significant
Minor
Negligible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are three examples of what may be considered for the description of the incident?

A

What specific problem did it create
How is discovered
What type of incident it was

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are three examples of what could be considered for the type of attacker?

A

Was it internal
External
One person or a group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are three examples of what could be considered for the purpose of incident?

A

Was it for financial gain
Political advantage
Destruction of reputation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are three examples of what could be considered for the impact of the incident?

A

Business
Data
Recovery time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the two main examples of what could be considered for the cost of the incident?

A

Financial
Reputation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are three examples of what could be considered for future management?

A

Review of incident
Analysis to evaluate trends
Updates of key information and procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly