After a successful incident containment, what should be done next?

Reimage infected systems and update security patches to prevent reinfection.

Document the incident and lessons learned.

Ignore the incident and move on.

Notify the media about the incident.

A cyberattack exploited a known vulnerability. What steps should be taken?

Patch the vulnerability, enhance monitoring, and update access controls.

Ignore the vulnerability and hope it doesn't happen again.

Only update access controls without patching.

Enhance monitoring but leave the vulnerability unpatched.

Handling Critical Escalations: A data breach affecting customer records is confirmed. What actions should be taken?

Notify affected customers and authorities immediately.

Ignore the breach and continue operations.

Delete all customer records to prevent further issues.

Wait for further instructions from management.

A company recovers from a data breach but wants to prevent future incidents. What should they do?

Conduct a post-mortem analysis, update policies, and improve employee training.

Ignore the incident and continue as usual.

Only focus on updating software without training employees.

Blame employees without changing any policies.

Scenario: The security team detects a small number of failed logins from an overseas location. What should be the next step?

Investigate the source of the failed logins

Notify the user of the failed logins

Scenario: A phishing email is reported, but only one employee received it. What should be the next step?

Investigate the email to ensure it is not part of a larger attack

Ignore the email since only one employee received it

Delete the email immediately without further action

Forward the email to all employees as a warning

Scenario: A department reports repeated malware infections on different machines. What should be the next step?

Conduct a full system scan on all machines

Ignore the issue and monitor the situation

Reinstall the operating system on all machines

Disconnect the affected machines from the network

Scenario: A suspected insider threat is exfiltrating sensitive documents. What should be the next step?

Conduct a thorough investigation

Monitor the employee's activities closely

Immediately terminate the employee

Determining Escalation Paths: A third-party vendor informs the company of a possible data exposure but provides limited details. What should be the next step?

Investigate the data exposure internally

Ignore the vendor's information

Immediately inform all customers

Wait for more details from the vendor

Handling Critical Escalations: IT discovers that an active attacker has gained administrator access to key servers. What should be done in this situation?

Immediately revoke the attacker's access and investigate the breach

Monitor the attacker's activities for further information

Ignore the situation and hope it resolves itself

Inform the attacker that they have been detected

CyberSecurity Training-Quiz

Professional Development

•

19 Qs

Similar activities

Observability Pipelines- Tech Talks

Professional Development

•

14 Qs

Cybersecurity and IT Infrastructure Quiz

Professional Development

•

20 Qs

SwiftUI Test

Professional Development

•

20 Qs

MERN Stack (Backend + Frontend Connection)

Professional Development

•

17 Qs

Module 2 Knowledge Check

Professional Development

•

15 Qs

DICT23M CADD CAT

Professional Development

•

15 Qs

Sharing Session - Security Operation

Professional Development

•

15 Qs

Networking and VLANs Quiz

Professional Development

•

20 Qs

CyberSecurity Training-Quiz

Quiz

•

Information Technology (IT)

•

Professional Development

•

Practice Problem

•

Hard

Christopher Lynch

FREE Resource

19 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

INCIDENCE RESPONSE PROCESS: What is the first step in the incident response process?

Preparation

Identification

Containment

Eradication

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company detects unusual outbound network traffic that could indicate data exfiltration. What should be done next?

Identify and confirm the incident by analyzing logs and alerts.

Ignore the traffic as it might be a false alarm.

Immediately shut down all network operations.

Contact the internet service provider to block the traffic.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Employees report receiving emails from a compromised internal account requesting sensitive data. What should be done next?

Yes, because it indicates a potential account takeover and requires immediate containment.

No, because it might be a false alarm and can be ignored.

Yes, because it is a common occurrence and does not require immediate action.

No, because it is not related to cybersecurity threats.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

INCIDENCE RESPONSE PROCESS Scenario: A ransomware infection has locked multiple workstations. The IT team is unsure whether to shut down affected systems. What should they do?

Shut down the affected systems immediately.

Disconnect the affected systems from the network.

Wait for instructions from higher authorities.

Attempt to decrypt the files themselves.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Scenario: A malware outbreak spreads across the network. What actions should be taken?

Isolate affected systems and update antivirus software.

Ignore the outbreak and continue normal operations.

Unplug all network cables immediately.

Contact the media to report the outbreak.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

INCIDENCE RESPONSE PROCESS Containment and Mitigation Scenario: A phishing attack compromised employee credentials. The attacker is attempting to access sensitive data. What should be done?

Notify the IT department and change all passwords immediately.

Ignore the attack and continue working.

Share credentials with the attacker to monitor their actions.

Wait for the attacker to make the next move.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Scenario: The IT team detects unauthorized administrative access on a critical server. What steps should be taken?

Investigate the source of access and revoke permissions

Ignore the access as it might be a false alarm

Immediately shut down the server

Notify all users about the breach

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

15 questions

CSF-PT05Q1

Quiz

•

Professional Development

15 questions

Data Analysis and Visualization

Quiz

•

Professional Development

18 questions

Q1: DATABASE SYSTEM

Quiz

•

Professional Development

16 questions

Redundancy Strategies

Quiz

•

Professional Development

17 questions

Data Science Quiz 1

Quiz

•

Professional Development

20 questions

Frontend - CTO Cup

Quiz

•

Professional Development

15 questions

DIGITAL INITIATIVES IN EDUCATION

Quiz

•

Professional Development

21 questions

MCE SERTIFIKAT

Quiz

•

Professional Development

Popular Resources on Wayground

25 questions

Multiplication Facts

Quiz

•

5th Grade

15 questions

4:3 Model Multiplication of Decimals by Whole Numbers

Quiz

•

5th Grade

10 questions

The Best Christmas Pageant Ever Chapters 1 & 2

Quiz

•

4th Grade

12 questions

Unit 4 Review Day

Quiz

•

3rd Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

15 questions

Solving Equations with Variables on Both Sides Review

Quiz

•

8th Grade

Discover more resources for Information Technology (IT)

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

20 questions

Disney Characters

Quiz

•

Professional Development

20 questions

Customer Service

Quiz

•

Professional Development

10 questions

Food Idioms

Quiz

•

Professional Development

20 questions

NCCER Power Tools Quiz

Quiz

•

Professional Development