Chapter 1:
Muhammad Rashid Sattar (username: [email protected])
Attempt 1
Written: Dec 1, 2022 4:36 AM - Dec 1, 2022 4:45 AM
Submission View
Your quiz has been submitted successfully.
Question 1 1 / 1 point
A chief information security officer (CISO) at a large organization
documented a policy that establishes the acceptable use of cloud
environments for all staff. This is an example of a: (D1, L1.3.1)
Question options:
A) Management/Administrative control
B) Technical control
C) Physical control
D) Cloud control
Question 2 1 / 1 point
Is it possible to avoid risk? (D1, L1.2.1)
Question options:
A) Yes
B) No
C) Sometimes
D) Never
Question 3 0 / 1 point
What is meant by non-repudiation? (D1, L1.1.1)
Question options:
A) If a user does something, they can't later claim that they didn't do it.
B) Controls to protect the organization's reputation from harm due to inappropriate social media postings
time.
C) It is part of the rules set by administrative controls.
D) It is a security feature that prevents session replay attacks.
Question 4 1 / 1 point
Which of the following is NOT one of the four typical ways of managing
risk? (D1, L1.2.1)
Question options:
A) Avoid
B) Accept
C) Mitigate
D) Conflate
Question 5 1 / 1 point
Siobhan is deciding whether to make a purchase online; the vendor
wants Siobhan to create a new user account, and is requesting Siobhan's
full name, home address, credit card number, phone number, email
address, the ability to send marketing messages to Siobhan, and
permission to share this data with other vendors. Siobhan decides that
the item for sale is not worth the value of Siobhan's personal
information, and decides to not make the purchase.
What kind of risk management approach did Siobhan make? (D1, L1.2.2)
Question options:
A) Avoidance
B) Acceptance
C) Mitigation
D) Transfer
Question 6 1 / 1 point
Guillermo is the system administrator for a midsized retail organization.
Guillermo has been tasked with writing a document that describes,
step-by-step, how to securely install the operating system on a
new laptop. This document is an example of a ________. (D1, L1.4.1)
Question options:
A) Policy
B) Standard
C) Procedure
D) Guideline
Question 7 1 / 1 point
Lankesh is the security administrator for a small food-distribution
company. A new law is published by the country in which Lankesh's
company operates; the law conflicts with the company's policies. Which
governance element should Lankesh's company follow? (D1, L1.4.2)
Question options:
A) The law
B) The policy
C) Any procedures the company has created for the particular activities affected by the law
D) Lankesh should be allowed to use personal and professional judgment to make the determination of ho
Question 8 0 / 1 point
Kristal is the security administrator for a large online service provider.
Kristal learns that the company is harvesting personal data of its
customers and sharing the data with local governments where the
company operates, without the knowledge of the users, to allow the
governments to persecute users on the basis of their political and
philosophical beliefs. The published user agreement states that the
company will not share personal user data with any entities without the
users' explicit permission.
According to the (ISC)2 Code of Ethics, to whom does Kristal ultimately
owe a duty in this situation? (D1, L1.5.1)
Question options:
A) The governments of the countries where the company operates
B) The company Kristal works for
C) The users
D) (ISC)2
Question 9 1 / 1 point
While taking the certification exam for this certification, you notice
another candidate for the certification cheating. What should you
do? (D1, L1.5.1)
Question options:
A) Nothing—each person is responsible for their own actions.
B) Yell at the other candidate for violating test security.
C) Report the candidate to (ISC)2.
D) Call local law enforcement.
Question 10 1 / 1 point
The concept of "secrecy" is most related to which foundational aspect of
security? (D1, L1.1.1)
Question options:
A) Confidentiality
B) Integrity
C) Availability
D) Plausibility
Congratulations, you passed the quiz!
You've achieved an overall grade of 70% or higher and completed this activity.
80%
Chapter 2:
Muhammad Rashid Sattar (username: [email protected])
Attempt 1
Written: Dec 1, 2022 5:21 AM - Dec 1, 2022 5:30 AM
Submission View
Your quiz has been submitted successfully.
Question 1 1 / 1 point
You are working in your organization's security office. You receive a call from
network several times with the correct credentials, with no success. This is an
Question options:
A) Emergency
B) Event
C) Policy
D) Disaster
Question 2 1 / 1 point
You are working in your organization's security office. You receive a call from
network several times with the correct credentials, with no success. After a br
user's account has been compromised. This is an example of a(n)_______. (D2,
Question options:
A) Risk management
B) Incident detection
C) Malware
D) Disaster
Question 3 1 / 1 point
An external entity has tried to gain access to your organization's IT environme
example of a(n) _________. (D2, L2.1.1)
Question options:
A) Exploit
B) Intrusion
C) Event
D) Malware
Question 4 0 / 1 point
When responding to a security incident, your team determines that the vulner
known to the security community, and that there are no currently known defin
databases or collections. This vulnerability and exploit might be called ______
Question options:
A) Malware
B) Critical
C) Fractal
D) Zero-day
Question 5 1 / 1 point
True or False? The IT department is responsible for creating the organization's
Question options:
True
False
Question 6 0 / 1 point
The Business Continuity effort for an organization is a way to ensure critical _
disaster, emergency, or interruption to the production environment. (D2, L2.2
Question options:
A) Business
B) Technical
C) IT
D) Financial
Question 7 1 / 1 point
Which of the following is very likely to be used in a disaster recovery (DR) effo
Question options:
A) Guard dogs
B) Data backups
C) Contract personnel
D) Anti-malware solutions
Question 8 1 / 1 point
Which of the following is often associated with DR planning? (D2, L2.3.1)
Question options:
A) Checklists
B) Firewalls
C) Motion detectors
D) Non-repudiation
Question 9 0 / 1 point
Which of these activities is often associated with DR efforts? (D2, L2.3.1)
Question options:
A) Employees returning to the primary production location
B) Running anti-malware solutions
C) Scanning the IT environment for vulnerabilities
D) Zero-day exploits
Incorrect. Zero-day exploits are a security threat, but not typically associated with DR efforts.
Question 10 1 / 1 point
Which of these components is very likely to be instrumental to any disaster re
Question options:
A) Routers
B) Laptops
C) Firewalls
D) Backups
Congratulations, you passed the quiz!
You've achieved an overall grade of 70% or higher and completed this activity.
70%
Chapter 3:
Muhammad Rashid Sattar (username: [email protected])
Attempt 4
Written: Dec 2, 2022 12:25 AM - Dec 2, 2022 12:26 AM
Submission View
Your quiz has been submitted successfully.
Question 1 1 / 1 point
Which of the following is a subject? (D3, L3.1.1)
Question options:
A) A file
B) A fence
C) A filename
D) A user
Question 2 1 / 1 point
Lia works in the security office. During research, Lia learns that a configuratio
organization's IT environment. Lia makes a proposal for this change, but the c
approved, tested, and then cleared for deployment by the Change Control Boa
__________. (D3, L3.1.1)
Question options:
A) Defense in depth
B) Holistic security
C) Threat intelligence
D) Segregation of duties
Question 3 1 / 1 point
Duncan and Mira both work in the data center at Triffid, Inc. There is a policy
present in the data center at the same time; if one of them has to leave for an
until they can both re-enter. This is called ________. (D3, L3.1.1)
Question options:
A) Blockade
B) Multifactor authentication
C) Two-person integrity
D) Defense in depth
Question 4 1 / 1 point
Clyde is the security analyst tasked with finding an appropriate physical contr
people will follow badged employees through the entrance of the organization
address this risk? (D3, L3.2.1)
Question options:
A) Fences
B) Dogs
C) Bollards
D) Turnstiles
Question 5 1 / 1 point
Sinka is considering a physical deterrent control to dissuade unauthorized peo
property. Which of the following would serve this purpose? (D3, L3.2.1)
Question options:
A) A wall
B) Razor tape
C) A sign
D) A hidden camera
Question 6 1 / 1 point
Which of these combinations of physical security controls share a single point
Question options:
A) Guards and fences
B) Badge readers and walls
C) Dogs and bollards
D) High-illumination lighting and cameras
Question 7 1 / 1 point
Lakshmi presents a userid and a password to a system in order to log on. Whi
the userid have? (D3, L3.3.1)
Question options:
A) Confidential
B) Complex
C) Unique
D) Long
Question 8 1 / 1 point
Lakshmi presents a userid and a password to a system in order to log on. Whi
the password have? (D3, L3.3.1)
Question options:
A) Confidential
B) Unique
C) Mathematical
D) Shared
Question 9 1 / 1 point
Derrick logs on to a system in order to read a file. In this example, Derrick is t
Question options:
A) Subject
B) Object
C) Process
D) Predicate
Question 10 1 / 1 point
Which is a physical control that prevents "piggybacking" or "tailgating"; that is
authorized person into a controlled area? (D3, L3.2.1)
Question options:
A) Bollard
B) Turnstile
C) Fence
D) Wall
Congratulations, you passed the quiz!
You've achieved an overall grade of 70% or higher and completed this activity.
100%
Chapter 4:
Muhammad Rashid Sattar (username: [email protected])
Attempt 2
Written: Dec 2, 2022 1:34 AM - Dec 2, 2022 1:35 AM
Submission View
Your quiz has been submitted successfully.
Question 1 1 / 1 point
Common network device used to connect networks. (D4.1 L4.1.1)
Question options:
A) Server
B) Endpoint
C) Router
D) Switch
Question 2 1 / 1 point
A common network device used to filter traffic. (D4.1 L4.1.1)
Question options:
A) Server
B) Endpoint
C) Ethernet
D) Firewall
Question 3 1 / 1 point
endpoint <------> Web server
Which port number is associated with the protocol typically used in this
connection? (D4.1 L4.1.2)
Question options:
A) 21
B) 53
C) 80
D) 161
Question 4 1 / 1 point
An attack against the availability of a network/system; typically uses
many attacking machines to direct traffic against a given target. (D4.2
L4.2.1)
Question options:
A) Worm
B) Virus
C) Stealth
D) Distributed-denial-of-service (DDOS)
Question 5 1 / 1 point
A security solution installed on an endpoint in order to detect potentially
anomalous activity. (D4.2 L4.2.2)
Question options:
A) Router
B) Host-based intrusion prevention system
C) Switch
D) Security incident and event management system (SIEM)
Question 6 1 / 1 point
A security solution that detects, identifies and often quarantines
potentially hostile software. (D4.2, L4.2.2)
Question options:
A) Firewall
B) Guard
C) Camera
D) Anti-malware
Question 7 1 / 1 point
The common term used to describe the mechanisms that control the
temperature and humidity in a data center. (D4.3 L4.3.1)
Question options:
A) VLAN (virtual local area network)
B) HVAC (heating, ventilation and air conditioning)
C) STAT (system temperature and timing)
D) TAWC (temperature and water control)
Question 8 1 / 1 point
A cloud arrangement whereby the provider owns and manages the
hardware, operating system, and applications in the cloud, and the
customer owns the data. (D4.3 L4.3.2)
Question options:
A) Infrastructure as a service (IaaS)
B) Morphing as a service (MaaS)
C) Platform as a service (PaaS)
D) Software as a service (SaaS)
Question 9 1 / 1 point
A portion of the organization's network that interfaces directly with the
outside world; typically, this exposed area has more security controls
and restrictions than the rest of the internal IT environment. (D4.3
L4.3.3)
Question options:
A) National Institute of Standards and Technology (NIST)
B) Demilitarized zone (DMZ)
C) Virtual private network (VPN)
D) Virtual local area network (VLAN)
Question 10 1 / 1 point
Which of the following tools can be used to grant remote users access
to the internal IT environment? (D4.3 L4.3.3)
Question options:
A) VLAN (virtual local area network)
B) VPN (virtual private network)
C) DDOS (distributed denial-of-service)
D) MAC (media access control)
Congratulations, you passed the quiz!
You've achieved an overall grade of 70% or higher and completed this activity.
100%
Chapter 5:
Muhammad Rashid Sattar (username: [email protected])
Attempt 4
Written: Dec 2, 2022 2:32 AM - Dec 2, 2022 2:33 AM
Submission View
Your quiz has been submitted successfully.
Question 1 1 / 1 point
Which of the following can be used to map data flows through an
organization and the relevant security controls used at each point along
the way? (D5.1, L5.1.1)
Question options:
A) Encryption
B) Hashing
C) Hard copy
D) Data life cycle
Question 2 1 / 1 point
Why is an asset inventory so important? (D5.2, L5.2.1)
Question options:
A) It tells you what to encrypt
B) You can't protect what you don't know you have
C) The law requires it
D) It contains a price list
Question 3 1 / 1 point
Who is responsible for publishing and signing the organization's
policies? (D5.3, L5.3.1)
Question options:
A) The security office
B) Human Resources
C) Senior management
D) The legal department
Question 4 1 / 1 point
Which of the following is always true about logging? (D5.1, L5.1.3)
Question options:
A) Logs should be very detailed
B) Logs should be in English
C) Logs should be concise
D) Logs should be stored separately from the systems they're logging
Question 5 1 / 1 point
A mode of encryption for ensuring confidentiality efficiently, with a
minimum amount of processing overhead (D5.1, L5.1.3)
Question options:
A) Asymmetric
B) Symmetric
C) Hashing
D) Covert
Question 6 1 / 1 point
A ready visual cue to let anyone in contact with the data know what the
classification is. (D5.1, L5.1.1)
Question options:
A) Encryption
B) Label
C) Graphics
D) Photos
Question 7 1 / 1 point
A set of security controls or system settings used to ensure uniformity
of configuration throughout the IT environment. (D5.2, L5.2.1)
Question options:
A) Patches
B) Inventory
C) Baseline
D) Policy
Question 8 1 / 1 point
What is the most important aspect of security awareness/training?
(D5.4, L5.4.1)
Question options:
A) Protecting assets
B) Maximizing business capabilities
C) Ensuring the confidentiality of data
D) Protecting health and human safety
Question 9 1 / 1 point
Which entity is most likely to be tasked with monitoring and enforcing
security policy? (D5.3, L5.3.1)
Question options:
A) The Human Resources office
B) The legal department
C) Regulators
D) The security office
Question 10 1 / 1 point
Which organizational policy is most likely to indicate which types of
smartphones can be used to connect to the internal IT environment?
(D5.3, L5.3.1)
Question options:
A) The CM policy (change management)
B) The password policy
C) The AUP (acceptable use policy)
D) The BYOD policy (bring your own device)
Congratulations, you passed the quiz!
You've achieved an overall grade of 70% or higher and completed this activity.
100%