TestOut PC Pro - 14.2 Incident Response and Regulated Data

As part of the response to a security incident on your company network, you have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up to the time of presentation in court. Which document have been asked to draft?

You work for a company that offers their services through the internet. It is critical that your website performs well. As a member of the IT technician staff, you receive a call from a fellow employee who informs you that customers are complaining that they can't access your website. After doing a little research, you have determined that you are a victim of a denial-of-service attack. As a first responder, which of the following is the next step you need to perform in response to the security incident?

A security incident is currently occurring on your company's network. You discover that the attack involves a computer system that is attached to the network. You are unsure what kind of damage is being done to the network systems or data. Which of the following actions should you take FIRST?

Which of the following is an important aspect of evidence gathering in response to a security incident?

A security technician is conducting a forensic analysis. Which of the following actions is MOST likely to destroy critical evidence?

A technician was able to stop a security attack on a user's computer. Which of the following actions should be performed FIRST when conducting the subsequent forensic investigation?

As the principal of a private school, you have discovered that an office assistant has shared a student's home address with an unauthorized individual. Which of the following regulations is your school in violation of?