Which of the following statements is NOT a goal of incident handling and response?
Question
Which of the following statements is NOT a goal of incident handling and response?
Group of answer choices:
- To prevent future attacks or incidents
- To prosecute legal activity
- To maintain or restore business continuity
- To analyze the cause of an incident
Solution
The statement that is NOT a goal of incident handling and response is "To prosecute legal activity". This is because incident handling and response is focused on managing and mitigating the impact of incidents, not prosecuting legal activities. Legal prosecution is typically handled by legal authorities or departments within an organization, not by those responsible for incident handling and response.
Similar Questions
What are some common elements contained in incident response plans? Select two answers. (1 point)

Which of the following pieces of information should NOT be included in an incident report?
Group of answer choices:
- b. a description of how the situation was handled
- a. a summary of what happened
- d. a discussion of how the problem will be avoided in the future
- c. excuses or an apology

Question 1. What are the goals of a computer security incident response team (CSIRT)? Select three answers. (1 point)
- To handle the public disclosure of an incident
- To provide services and resources for response and recovery
- To prevent future incidents from occurring
- To manage incidents

Question 9. What are two incident response phases? (Choose two.)
Select one or more:
- risk analysis and high availability
- containment and recovery
- confidentiality and eradication
- prevention and containment
- mitigation and acceptance
- detection and analysis

Question 1. Which two (2) key components are part of incident response? (Select 2) (1 point)
- Attack
- Threat
- Response team
- Investigation

Question 2. Which is not part of the SANS Institute's Audit process? (1 point)
- Help to translate the business needs into technical or operational needs.
- Deliver a report.
- Define the audit scope and limitations.
- Feedback based on the findings.

Question 3. Which key concept to understand incident response is defined as "data inventory, helps to understand the current tech status, data classification, data management, we could use automated systems. Understand how you control data retention and backup."? (1 point)
- Automated Systems
- Post-Incident
- E-Discovery
- BCP & Disaster Recovery

Question 4. Which is not included as part of the IT Governance process? (1 point)
- Tactical Plans
- Procedures
- Policies
- Audits

Question 5. Trudy reading Alice's message to Bob is a violation of which aspect of the CIA Triad? (1 point)
- Confidentiality
- Integrity
- Availability

Question 6. A hash is a mathematical algorithm that helps assure which aspect of the CIA Triad? (1 point)
- Confidentiality
- Integrity
- Availability

Question 7. A successful DoS attack against your company's servers is a violation of which aspect of the CIA Triad? (1 point)
- Confidentiality
- Integrity
- Availability

Question 8. Which of these is an example of the concept of non-repudiation? (1 point)
- Alice sends a message to Bob and Bob knows for a certainty that it came from Alice and no one else.
- Alice sends a message to Bob and Alice is certain that it was not read by Trudy.
- Alice sends a message to Bob with certainty that it was not altered while en route by Trudy.
- Alice sends a message to Bob with certainty that it will be delivered.

Question 9. You have been asked to establish access to corporate documents in such a way that they can be read from anywhere, but only modified while the employees are in the office. Which 2 access criteria types were likely involved in setting this up? (1 point)
- Timeframe
- Transaction type
- Groups
- Physical location

Question 10. In incident management, an observed change to the normal behavior of a system, environment or process is called what? (1 point)
- Threat
- Incident
- Event
- Attack

Question 11. In incident management, tools like SIEM, SOA and UBA are part of which key concept? (1 point)
- BCP & Disaster Recovery
- Post-Incident Activities
- Automated system
- E-Discovery

Question 12. Which phase of the Incident Response Process do steps like "Carry out a post incident review" and "Communicate and build on lessons learned" fall into? (1 point)
- Follow Up
- Respond
- Prepare

Question 13. In the context of security standards and compliance, which two (2) of these are considered normative and compliance items? (1 point)
- They help translate the business needs into technical or operational needs.
- They seek to improve performance, controls and metrics.
- They are rules to follow for a specific industry.
- They serve as an enforcement mechanism for government, industry or clients.

Question 14. A company document that details how an employee should request Internet access for her computer would be which of the following? (1 point)
- Procedure
- Strategic Plan
- Tactical Plan
- Policy

Question 15. Which of these is a methodology by which to conduct audits? (1 point)
- SOX
- HIPAA
- PCI/DSS
- OCTAVE

Question 16. Mile 2 CPTE Training teaches you how to do what? (1 point)
- Construct a botnet
- Conduct a Ransomware attack
- Conduct a pentest
- Advanced network management tasks

Question 17. Which three (3) statements about OWASP are True? (1 point)
- OWASP stands for Open Web Application Security Project
- OWASP provides tools and guidance for mobile applications.
- OWASP provides guidance and tools to help you address web application vulnerabilities on their Top 10 list.
- OWASP Top 10 only lists the top 10 web application vulnerabilities but you must engage an OWASP certified partner to learn how to fix them.