Which of these is NOT part of the IR Preparation stage?
CO2517 Digital Evidence 2023 Part 1
University
•11 Qs
Similar activities
9626 IT - Data Mining 1
12th Grade - University
•10 Qs
Contingency Planning
University
•10 Qs
Data Warehouse and CRISP-DM
University
•10 Qs
Computer Security - Disaster Recovery
University
•10 Qs
Revision C1-3
University
•16 Qs
AD3301-T1
University
•10 Qs
C21-DCSE-3rd-CA-Quiz1
University
•15 Qs
Intro to Data Mining
University
•16 Qs
CO2517 Digital Evidence 2023 Part 1
Quiz
•
Computers
•
University
•
Hard
Christopher Finnigan
FREE Resource
11 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Determining
Preparing documentation
IR policies
Retention of evidence
Answer explanation
Retention of evidence − evidence collected typically has to be stored for a certain period and part of the post-incident activities.
2.
DROPDOWN QUESTION
1 min • 1 pt
An event is (a) in a computer system.
Whilst a incident is (b) for organisation or individuals.
an observable occurence
an negatively event with a potential impact
3.
REORDER QUESTION
1 min • 1 pt
Reorder these stages of the Incident Response Lifecycle
Preparation
Detection & Analysis
Containment, Eradication& Recovery
Post-Incident Activity
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of these are NOT in the IR Preparation
Segmentation
Risk analysis
Determining how Indicents are reported.
Preparing an IR team
Answer explanation
Segmentation – more advanced than isolation by using a honeynet and allow the attacker to continue to receive filtered output to deceive him/her into thinking the attack is progressing successfully. This part of the Incident Containment phase.
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of these is NOT part of the IR Detection & Analysis stage?
Recordings
Recovery Procedures
Incident Indicator Validation
Incident Indicator Definitions
Answer explanation
Definition of what would confirm the incident would be in the preparation phase.
6.
DRAG AND DROP QUESTION
1 min • 1 pt
(a) could use a honeynet to allow attack to receive filled output and part of th (b) phase.
Segmentation
Containment
Analysis
Preparation
IR Planning
IR
Answer explanation
Segmentation – more advanced than isolation by using a honeynet and allow the attacker to continue to receive filtered output to deceive him/her into thinking the attack is progressing successfully.
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of these activities are NOT part of the Post-Incident phase.
retention of evidence
risk assessment
collected metrics
lessons learned
Create a free account and access millions of resources
Create resources
Host any resource
Get auto-graded reports
Microsoft
Apple
Others
Similar Resources on Quizizz
12 questions
Digital Forensics SQA
Quiz
•
University
10 questions
Incident Response - Quiz 1
Quiz
•
University
10 questions
What is the role of a Disaster Recovery Specialist
Quiz
•
University
15 questions
E-Goverment
Quiz
•
University
10 questions
Quiz 1 Data Analytics
Quiz
•
University
10 questions
Software testing - Fundamentals of testing
Quiz
•
University
10 questions
Research Design
Quiz
•
University
15 questions
CNET151 - Chapt 15 -Cybersecurity Engineering
Quiz
•
University
Popular Resources on Quizizz
15 questions
Character Analysis
Quiz
•
4th Grade
17 questions
Chapter 12 - Doing the Right Thing
Quiz
•
9th - 12th Grade
10 questions
American Flag
Quiz
•
1st - 2nd Grade
20 questions
Reading Comprehension
Quiz
•
5th Grade
30 questions
Linear Inequalities
Quiz
•
9th - 12th Grade
20 questions
Types of Credit
Quiz
•
9th - 12th Grade
18 questions
Full S.T.E.A.M. Ahead Summer Academy Pre-Test 24-25
Quiz
•
5th Grade
14 questions
Misplaced and Dangling Modifiers
Quiz
•
6th - 8th Grade