CyberSecurity Training
Flashcard
•
Information Technology (IT)
•
Professional Development
•
Hard
Christopher Lynch
FREE Resource
Student preview
40 questions
Show all answers
1.
FLASHCARD QUESTION
Front
INCIDENCE RESPONSE PROCESS
What is the first step in the incident response process?
Back
Identify and confirm the incident by analyzing logs and alerts.
2.
FLASHCARD QUESTION
Front
INCIDENCE RESPONSE PROCESS
Scenario: A company detects unusual outbound network traffic that could indicate data exfiltration.
Question: What is the first step in the incident response proce
Back
Answer: Identify and confirm the incident by analyzing logs and alerts
3.
FLASHCARD QUESTION
Front
INCIDENCE RESPONSE PROCESS
Scenario: Employees report receiving emails from a compromised internal account requesting sensitive data.
Question: Should this be escalated immediately? Why or why not?
Back
Answer: Yes, because it indicates a potential account takeover and requires immediate containment.
4.
FLASHCARD QUESTION
Front
INCIDENCE RESPONSE PROCESS
Scenario: A ransomware infection has locked multiple workstations. The IT team is unsure whether to shut down affected systems.
Question: What should the team do first—shut down systems or isolate them?
Back
Answer: Isolate them from the network to prevent further spread before taking further action.
5.
FLASHCARD QUESTION
Front
Real World Reporting
The Twitter Bitcoin Scam (2020)
📌 Incident: Attackers gained access to Twitter’s internal tools via a phishing attack on employees, leading to a large-scale scam.
Back
Identify: Weak internal security protocols for employee access.
Protect: Lack of multi-factor authentication on internal admin tools.
Detect: Attack detected only after fraudulent tweets went viral.
Respond: Twitter locked down affected accounts and restricted employee access.
Recover: Twitter improved security policies and employee training.
6.
FLASHCARD QUESTION
Front
INCIDENCE RESPONSE PROCESS
Containment & Mitigation
Scenario: A malware outbreak spreads across an organization’s network. IT blocks external traffic from affected machines.
Question: What additional containment steps should be taken?
Back
Answer: Disable compromised accounts, segment the network, and block malicious IP addresses.
7.
FLASHCARD QUESTION
Front
INCIDENCE RESPONSE PROCESS
Containment and Mitigation
Scenario: A phishing attack compromised employee credentials. The attacker is attempting unauthorized access.
Question: What immediate actions should be taken?
Back
Answer: Force password resets, revoke unauthorized sessions, and monitor for further suspicious activity.
Create a free account and access millions of resources
Similar Resources on Wayground
41 questions
Cybersecurity Core Functions-IR TEAM
Flashcard
•
Professional Development
34 questions
BADM Exam 2
Flashcard
•
University
30 questions
Chapter 4 and 11 Flashcard
Flashcard
•
Professional Development
40 questions
Comp 337 - Exam Prep
Flashcard
•
University
40 questions
305 part one
Flashcard
•
KG
30 questions
A+ Core2 Day5a manage and configure basic security Windows
Flashcard
•
Professional Development
30 questions
Cybersecurity Flashcard
Flashcard
•
University
30 questions
Understanding Emergency Services
Flashcard
•
KG - University
Popular Resources on Wayground
18 questions
Writing Launch Day 1
Lesson
•
3rd Grade
11 questions
Hallway & Bathroom Expectations
Quiz
•
6th - 8th Grade
11 questions
Standard Response Protocol
Quiz
•
6th - 8th Grade
40 questions
Algebra Review Topics
Quiz
•
9th - 12th Grade
4 questions
Exit Ticket 7/29
Quiz
•
8th Grade
10 questions
Lab Safety Procedures and Guidelines
Interactive video
•
6th - 10th Grade
19 questions
Handbook Overview
Lesson
•
9th - 12th Grade
20 questions
Subject-Verb Agreement
Quiz
•
9th Grade