
Incident Response
Authored by Olabisi Olajide
Information Technology (IT)
Professional Development
Used 2+ times

5 questions
1.
MULTIPLE SELECT QUESTION
30 sec • 2 pts
During a memory analysis, which three critical points should be examined to identify potential threats?
Process Tree
File Fragmentation
Network Connections
Signature Status
2.
MULTIPLE SELECT QUESTION
30 sec • 2 pts
Which two Windows Event IDs are important to check when monitoring user account creation and additions to security-enabled local groups?
Event ID 4720
Event ID 4689
Event ID 4732
Event ID 4270
3.
MULTIPLE SELECT QUESTION
30 sec • 2 pts
Which security event logs would you check to monitor the creation and modification of scheduled tasks?
Event ID 4698
Event ID 4672
Event ID 4220
Event ID 4702
4.
MULTIPLE CHOICE QUESTION
30 sec • 2 pts
Which of the following can be used to reinfect a system even if a user removes a malicious file, as it may trigger reinstallation upon reboot?
Services
Run Keys
Processes
Multiple Users Creation
5.
MULTIPLE CHOICE QUESTION
30 sec • 2 pts
At what stage of the NIST Incident Response process are malicious activities confirmed and decisions made on how to respond to them?
Post-Incident Activity
Containment, Eradication & Recovery
Detection & Analysis
Preparation