Cyber Incident Response Quiz

Identification

Recovery

Containment

Preparation

Eradication

Containment

Lessons learned

Preparation

To review forensic images

To clear up the awareness of the incident

To test the fixes in the eradication phase

To restore systems from backup

Isolate compromised accounts

Test functionality

Review log files

Restore systems from backup

Restoring systems from backup

Testing the fixes in the recovery phase

Isolating compromised accounts

Removing and remediating any damage

To prevent future incidents

To lock down compromised accounts

To review log files

To identify the source of the compromise

Reviewing what went wrong and using the incident as a stepping stone to work towards a solution

Rushing to get back up and running

Skipping the lessons learned phase

Reviewing log files

Persons trained and equipped for it

Third-party contractors

Any employee in the organization

Customers of the organization

Human error

Log file analysis

Incident prevention

Cyber insurance

Contact the authorities

Contact inProgressive for help

Ignore the suspicion

Delete and restore systems immediately