What would George's cybersecurity team do after a security incident to improve incident response in the future?

Schedule a review with everyone to discuss what occurred

Write executive summary for management

What would be a good way to begin preparing to create a report titled 'What We Have Learned' in regard to a recent cybersecurity incident involving a breach?

Determine the sophistication of the audience that the report is meant to be viewed by

Determine fonts and color schemes for effectiveness

Develop Table of Contents first

CySA Review 7 & 8

Authored by J Liles

Computers

Professional Development

Used 3+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

21 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

George gathered forensics from a recent intrusion in preparation for legal proceedings. He used EnCase to gather the digital forensics, cloned the hard drive, and took the hard drive home for further analysis. Which of the following did he violate?

Clone procedures

Chain of Command

Chain of Custody

Hashing procedures

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

George identified 3 Mycc computers that are infected with malware and Windows Defender was unable to detect it. Where is the BEST place to acquire evidence to perform data carving?

Registry

Hard Drive

Memory

Control panel

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What would you use to verify that a disk image you created has not been altered

Nessus

Hash

TPM

MD2020

MULTIPLE SELECT QUESTION

30 sec • 1 pt

Which four phases outline the procedures involved in a forensics investigation? (select four)

Identification

Collection

Verifying

Analysis

Reporting

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

To preserve evidence of a temporary file system mounted to a host, which system device must you target for evidence collection?

RAM

HDD

SSD

USB

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

During an incident response, George obtained evidence from the hard drive of a hacked server. What should he do to ensure the data integrity of the evidence?

Complete Chain of Custody doc

Create hashes for each file on the drive

Encrypt it with AES

Don’t worry about it

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the first thing that needs to be done when starting an investigation into a cyber security event?

Cry

Secure crime scene

Interview witnesses

Call the police

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

19 questions

Pokemon

Quiz

•

1st Grade - Professio...

20 questions

SPARK FIDDLE

Quiz

•

Professional Development

20 questions

TEMA 8 MONT (MANTENIMIENTO) - PROFESOR

Quiz

•

KG - Professional Dev...

20 questions

Conceitos SCRUM português

Quiz

•

Professional Development

17 questions

pengenalan dasar cara mengetik

Quiz

•

Professional Development

20 questions

Seguretat digital (Àrea 1)

Quiz

•

Professional Development

20 questions

Prestaciones y caracteristicas de las videoconsolas

Quiz

•

Professional Development

20 questions

Evaluación de la unida i, II,III

Quiz

•

Professional Development

Popular Resources on Wayground

8 questions

Spartan Way - Classroom Responsible

Quiz

•

9th - 12th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

3 questions

Integrity and Your Health

Lesson

•

6th - 8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

9 questions

FOREST Perception

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

Discover more resources for Computers

15 questions

LOTE_SPN2 5WEEK3 Day 2 Itinerary

Quiz

•

Professional Development

6 questions

Copy of G5_U6_L5_22-23

Lesson

•

KG - Professional Dev...

10 questions

March Quiz

Quiz

•

Professional Development

5 questions

Copy of G5_U6_L8_22-23

Lesson

•

KG - Professional Dev...

10 questions

suffixes FUL OR LESS

Quiz

•

Professional Development

CySA Review 7 & 8

George gathered forensics from a recent intrusion in preparation for legal proceedings. He used EnCase to gather the digital forensics, cloned the hard drive, and took the hard drive home for further analysis. Which of the following did he violate?

George identified 3 Mycc computers that are infected with malware and Windows Defender was unable to detect it. Where is the BEST place to acquire evidence to perform data carving?

What would you use to verify that a disk image you created has not been altered

Which four phases outline the procedures involved in a forensics investigation? (select four)

To preserve evidence of a temporary file system mounted to a host, which system device must you target for evidence collection?

During an incident response, George obtained evidence from the hard drive of a hacked server. What should he do to ensure the data integrity of the evidence?

What is the first thing that needs to be done when starting an investigation into a cyber security event?

Process of extracting data (file) out of undifferentiated blocks (raw data)

George has been alerted to several emails that show evidence an employee is planning malicious activities that involve employee PII on the network before leaving the organization. George's BEST response would be to coordinate with the legal department and:

Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers