Goal of the incident response is to handle the incidents in a way that minimizes the damage and reduces recovery time and costs. Which of the following does not constitute the goals of an incident response?

Dealing with human resource department and various employee conflict behaviors

Helping personnel to recover quickly and efficiently from security incidents, minimizing loss or theft of information and disruption of services

Using information gathered during incident handling to prepare for handling future incidents in a better way and to provide stronger protection for systems and data

Dealing properly with legal issues that may arise during incidents

Information warfare is the conflict that makes use of Information / Information systems as weapons for both offensive and defensive purpose. Here, the information/information systems can secure, prove/disprove allegations, gain advantage over competitor, or destroy, corrupt, the information and information systems. Passive information gathering is

Obtaining details of the target organization that are freely available on the Internet, and through various other techniques without coming into direct contact with the organization

Obtaining details of the target organization by enquiring with its immediate partners

Obtaining details of the target organization by scanning their network

Obtaining details of the target organization that are freely available on the Internet, and through various other techniques by coming into direct contact with the organization

Obtaining details of the target organization posting the required queries in the underground hacking forums

It is an act of transferring files without authorization or using inter---domain access mechanisms to access files and directories belonging to another organization's domain. Identify the type of computer security incident

Unauthorized use of active directory

Computer Risk policy is a set of ideas to be implemented to overcome the risk associated with computer security incidents. Identify the statement that is not part of the computer risk policy.

Procedure to identify security funds to hedge risk

Personel and technical controls for the computer system

Procedures for the on going training of employees authorized to access the system

Procedure to monitor the efficiency of the security control

Provisions for continuing support if there is an interruption in the system or if the system crashes

In the control analysis stage of the NIST's risk assessment methodology, technical and nontechnical control methods are classified into two categories. Identify the control categories.

Preventive and Detective controls

Preventive and Predictive controls

Detective and Disguised controls

Predictive and Detective controls

In qualitative risk analysis, risk is calculated in terms of:

(Attack Success + Criticality) – (Countermeasures)

Asset criticality assessment –(Risks and Associated Risk Levels)

(Countermeasures + Magnitude of Impact)--- (Reports from prior risk assessments)

Risk that remains after implementation of all the possible risk control measures is called as residual risk. Residual Risk= (Inherent Risk) X (Control Risk), where Inherent Risk is equivalent to?

Risk Assessed + Risk Managed + Risk Communicated

(Attack Success + Criticality) – (Countermeasures)

Significant Risks x Probability of Loss X Loss

Quantitative risk is numerical determination of the probability of an adverse event and the extent of the losses due to the event. Quantitative risk is calculated as

Significant Risks x Probability of Loss X Loss

The incident management team provides support to all users in the organization that are affected by threat or attack. Who among the following is not part of the incident management team?

Staff that supports department representatives

The incident management team provides support to all users in the organization that are affected by threat or attack. The organization’s internal auditor is part of the incident response team. Identify one of the responsibilities of the internal auditor as a part of the incident response team.

Identify and report security loopholes to the management for necessary actions

Organize security activities with ISO

Prepare summary on corrective actions taken to handle the incident

Examines system logs to identify the malicious activities

Analyze network traffic for signs of incidents

CSIRT is a service organization which provides 24x7 computer security incident response services to any user, company, government agency, or organization and provides the means for reporting incidents and disseminating important incident related information. What does CSIRT stands for?

Computer Security Incident Response Team

Computer Support Inherent Risk Team

Computer Security Incident Recovery Team

Computer Security Incident Risk Team

Except for some common roles, the roles in an IRT are distinct for every organization. Which among these is the role played by the Incident Coordinator of an IRT?

Links the groups that are affected by the incidents, such as legal, human resources, different business areas, and management

Focuses on the incident and handles it from management and technical point of view

Applies the appropriate technology and tries to eradicate and recover from the incident

Links the appropriate technology to the incident to ensure that the foundation’s offices are returned to normal operations as quickly as possible

A file or an object that is found on the system that might involve attacking systems and networks is said to be an artifact. Handling an artifact involves receiving information about the artifacts which are used in the intruder attacks, investigation, and other unauthorized activities causing distortions. Identify the service category of CSIRT that artifact handling belongs to.

Security quality management services

Incident tracking and reporting systems services

Which service of the CSIRT incorporates feedback and lessons learned based on knowledge gained by responding to incidents, vulnerabilities, and attack?

Security quality management services

Incident tracking and reporting systems services

Inappropriate usage incident takes place when a user's actions violate the acceptable computing use policies. Identify the incident which cannot be classified as inappropriate usage incident.

Quarantining virus detected during a scan

Installing password cracking tools

Sending spam mails which promote the personal business

Sending emails to colleagues which irritates them

Malicious code may attack the systems and networks using different techniques, such as using emails, exploiting vulnerable applications and services. Which of the following is not the sign of the presence of malicious code?

Increase in the number of e---mails sent and received

Change in the Template of word processing document

Old message and graphics will appear on screen

ECIH QUIZ

Authored by Marsha Defenxor

Computers

KG - 5th Grade

Used 11+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

50 questions

Show all answers

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Computer security incident can be defined as:

Rectifying loss of information that may affect the investment of organization in different business activities

Events related to physical security incidents and trouble--- shooting issues in corporate networks

Any real or suspected adverse event in relation to the security of computer systems or networks

Policies guaranteeing access to information system resources

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Data classification is the process of classifying data based on the level of sensitivity as it is created, modified, improved, stored, or transmitted. Which of
these levels fall into U.S. Government standards for data classification?

Top secret

All answer is correct

Confidential

Restricted

Unclassified

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

"Technically not a U.S. Government classification level, but used for government documents that do not have a classification. Such documents can sometimes be viewed by those without security clearance”. Which of the following items correctly
describes the above statement?

Top secret

Unclassified

Confidential

Restricted

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Information Warfare refers to the use of information and information systems as weapons in a conflict in which the information and information systems themselves are the targets. Which of these constitute the categories of information warfare?

Offensive information warfare

Employee sabotage information warfare

Defensive information warfare

Organization’s breach information warfare

Offensive and Defensive information warfare

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Information system processes data into useful information to achieve specified organizational or individual goals. It accepts, processes, and stores data in the form of records in a computer system and automates some of the information processing activities of the organization.
Who is responsible for implementing and controlling the security measures of an information system?

Information custodian

Information consultant

Information owner

Information implementer

Information gatherer

MULTIPLE SELECT QUESTION

1 min • 1 pt

Identify the three tenets of information security.

Confidentiality

Integrity

Availability

Non---Repudiation

authorization

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which out of these signs do not indicate a computer security incident?

A system alarm or similar indication from an intrusion---detection

Attempt to logon to a new user account

Smoke emitting from the system

System crashes or poor system performance

Unauthorized operation of a program or sniffer device to capture network traffic

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

45 questions

Computer memory

Quiz

•

University

45 questions

ข้อสอบกลางภาควิชาเทคโนโลยีสารสนเทศเพื่อการจัดการอาชีพ

Quiz

•

8th Grade

51 questions

ALGORITHM AND FLOWCHART

Quiz

•

12th Grade - University

45 questions

Ujian IoT PTS 2024 45 Soal

Quiz

•

11th Grade - University

50 questions

Simulasi Bahasa Indonesia Ke-1 (Paragraf)

Quiz

•

9th Grade

55 questions

ICT

Quiz

•

5th - 6th Grade

50 questions

REVIEW QUIZ FOR PERIODICAL EXAM IN COMPUTER HARDWARE SERVICING

Quiz

•

9th Grade

50 questions

MES3093: QUIZ

Quiz

•

University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

10 questions

Module 2 Vocab

Quiz

•

5th Grade

10 questions

Introduction to Coding

Interactive video

•

3rd - 6th Grade

ECIH QUIZ

Computer security incident can be defined as:

Data classification is the process of classifying data based on the level of sensitivity as it is created, modified, improved, stored, or transmitted. Which of
these levels fall into U.S. Government standards for data classification?

"Technically not a U.S. Government classification level, but used for government documents that do not have a classification. Such documents can sometimes be viewed by those without security clearance”. Which of the following items correctly
describes the above statement?

Information Warfare refers to the use of information and information systems as weapons in a conflict in which the information and information systems themselves are the targets. Which of these constitute the categories of information warfare?

Identify the three tenets of information security.

Which out of these signs do not indicate a computer security incident?

Personal theft of data related to a computer incident refers to which of the following security incident levels?

which level poses an immediate threat to various systems that lead to criminal charges, regulatory fines, or bad name to the organization?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

ECIH QUIZ

Computer security incident can be defined as:

Data classification is the process of classifying data based on the level of sensitivity as it is created, modified, improved, stored, or transmitted. Which ofthese levels fall into U.S. Government standards for data classification?

"Technically not a U.S. Government classification level, but used for government documents that do not have a classification. Such documents can sometimes be viewed by those without security clearance”. Which of the following items correctlydescribes the above statement?

Information Warfare refers to the use of information and information systems as weapons in a conflict in which the information and information systems themselves are the targets. Which of these constitute the categories of information warfare?

Identify the three tenets of information security.

Which out of these signs do not indicate a computer security incident?

Personal theft of data related to a computer incident refers to which of the following security incident levels?

which level poses an immediate threat to various systems that lead to criminal charges, regulatory fines, or bad name to the organization?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

Data classification is the process of classifying data based on the level of sensitivity as it is created, modified, improved, stored, or transmitted. Which of
these levels fall into U.S. Government standards for data classification?

"Technically not a U.S. Government classification level, but used for government documents that do not have a classification. Such documents can sometimes be viewed by those without security clearance”. Which of the following items correctly
describes the above statement?