When should the removal and secure storage of original hard disks take place?

After evidence has been backed up but before the compromised system has been wiped

After the compromised system has been wiped but before external agencies are informed

As soon as the security breach has been identified

After the system backups have been restored

What name is given to the team that needs to be assembled as part of the IR policy?

Computer Security Incident Response Team (CSIRT)

Cyber Response Unit Security Team (CRUST)

Unit 11 Topic D: Incident Response Policies

12th Grade

•

10 Qs

Similar activities

Hour of Code

2nd - 12th Grade

•

10 Qs

Know thy Peer-to-Peer

12th Grade

•

10 Qs

TCP/IP & other protocols [A Level]

12th Grade

•

14 Qs

Abhyudaya coding class - Grade 7

6th Grade - University

•

10 Qs

MIL March 8, 2023

12th Grade

•

10 Qs

Access - Lesson 14

9th - 12th Grade

•

10 Qs

4.6.4 Logic Gates

10th Grade - Professional Development

•

15 Qs

Wee Word Intro

7th - 12th Grade

•

12 Qs

Unit 11 Topic D: Incident Response Policies

Quiz

•

Computers

•

12th Grade

•

Practice Problem

•

Hard

Ralph Ellis

Used 17+ times

FREE Resource

10 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An event that poses a threat to the business information, in regard to its confidentiality, integrity & availability

An information security incident

A total data recovery failure

A backup server breach

A power failure in the server room

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

When an incident is detected or suspected what is the first action that should take place?

It must be reported to the appropriate person (probably the CSIRT team leader)

Whoever discovers the incident must perform an initial assessment of the event

Switch off the servers so that no more breaches can take place

Ignore it and hope it goes away

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

When an initial assessment of the event takes place, what is the first thing to identify?

Whether an actual incident has taken place at all

How to minimise the risk

Who is going to be responsible for performing the incident response

Whether or not it is an internal security breach

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Two things that need to be identified during an initial assessment of an incident:

Type of attack

Severity of attack

How much it will cost to resolve the incident

Whether or not to inform the police

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Containing the damage and minimising the risk has five areas, including which of the following?

Protecting people’s safety

Protecting sensitive data

Minimising disruption to computing resources

Ensuring that no-one knows that an incident has taken place

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Following a security incident, which of the following four things are required to be identified and documented?

The nature of the attack

The origin of the attack

The intent of the attack

What systems & files were compromised

How much it will cost to resolve the incident

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Which of the following two reasons explain why two backups are required when protecting evidence following a security incident?

To be used as evidence

For data recovery

In case the evidence has been tampered with

Checks on data inconsistency

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

10 questions

Scratch

Quiz

•

KG - Professional Dev...

10 questions

What is a program slides(6:16)

Quiz

•

8th - 12th Grade

10 questions

Java: repetition control structure for & while

Quiz

•

10th - 12th Grade

10 questions

Review

Quiz

•

9th - 12th Grade

10 questions

Literasi Maklumat

Quiz

•

9th - 12th Grade

10 questions

Media Promosi Produk atau Jasa

Quiz

•

12th Grade

15 questions

Cyber Security KS4

Quiz

•

8th - 12th Grade

15 questions

Excel

Quiz

•

10th - 12th Grade

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

15 questions

4:3 Model Multiplication of Decimals by Whole Numbers

Quiz

•

5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

The Best Christmas Pageant Ever Chapters 1 & 2

Quiz

•

4th Grade

12 questions

Unit 4 Review Day

Quiz

•

3rd Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

Discover more resources for Computers

15 questions

Internet Vocabulary Notebook Check #2 - CTEA(2024)

Quiz

•

12th Grade

11 questions

Internet Terms Vocabulary- Notebook Check #1- CTEA

Quiz

•

12th Grade

50 questions

Money Matters Fall 2025 Final Exam — Worksheet Questions

Quiz

•

12th Grade

47 questions

CSF Final Exam Practice

Quiz

•

9th - 12th Grade

Unit 11 Topic D: Incident Response Policies

10 questions

An event that poses a threat to the business information, in regard to its confidentiality, integrity & availability

When an incident is detected or suspected what is the first action that should take place?

When an initial assessment of the event takes place, what is the first thing to identify?

Two things that need to be identified during an initial assessment of an incident:

Containing the damage and minimising the risk has five areas, including which of the following?

Following a security incident, which of the following four things are required to be identified and documented?

Which of the following two reasons explain why two backups are required when protecting evidence following a security incident?

When should the removal and secure storage of original hard disks take place?

Who should be contacted before before notifying any external agencies?

What name is given to the team that needs to be assembled as part of the IR policy?

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers