What is the main function of a SIEM system?

To collect and analyze security event data

To provide endpoint detection and response capabilities

To aggregate threat intelligence data

Which of the following is considered an indicator of compromise?

Unusual outbound network traffic

What is a common goal during the containment phase of incident response?

To isolate affected systems to prevent further damage

A key component of IR preparedness includes:

Implementing multi-factor authentication.

Investigating suspicious network activity during an ongoing incident.

Restoring data from backups after a security breach.

Isolating compromised systems to prevent further damage.

Which of the following is NOT typically included in an IR plan?

Recommendations for specific software programs to purchase.

Procedures for identifying and reporting security incidents.

Roles and responsibilities for IR team members.

Communication protocols for notifying stakeholders during an incident.

The primary goal of the containment phase of an IR incident is to:

Stop the ongoing incident and prevent further damage.

Identify the root cause of the security incident.

Restore critical business functions to minimize downtime.

Train employees on how to prevent similar incidents in the future.

Which of the following describes a Zero-Day vulnerability?

A vulnerability that is exploited before it is known to the vendor

A known vulnerability that has a patch available

A previously patched vulnerability that reappears

A minor vulnerability with no significant impact

Which of the following is a proactive security measure that can help prevent incidents?

Conducting a post-incident review

Which of the following best describes the "eradication" step in the incident response process?

Removing the root cause of the incident

Monitoring systems for unusual activity

Containing the incident to prevent further spread

Which of the following activities is least likely to occur during the Preparation phase?

Deploying patches to affected systems

Developing an incident response policy

Conducting regular security awareness training

Establishing an incident response team

Vulnerability scanners are used to:

Identify weaknesses and misconfigurations in IT systems.

Collect and preserve digital evidence for investigations.

Isolate compromised systems to prevent lateral movement.

Train employees on cybersecurity best practices

Incident Response

Authored by Ruth Fatayo

others

Used 6+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

30 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The main purpose of a hot site in disaster recovery is to:

Provide a secure location for storing sensitive data.

Offer a temporary workspace for displaced employees.

Enable a rapid switch-over to a fully operational backup environment.

Facilitate communication with stakeholders during a crisis.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The "Identify" function in the NIST framework involves understanding:

The best methods for data encryption.

The types of antivirus software available.

Your organization's critical assets and vulnerabilities.

The latest cyberattack trends worldwide.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is an example of an incident containment strategy?

Installing new hardware

Blocking malicious IP addresses

Updating user passwords regularly

Conducting a security awareness program

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

During which phase are lessons learned documented and analyzed?

Preparation

Detection and Analysis

Containment, Eradication, and Recovery

Post-Incident Activity

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A tool like Splunk is primarily used for:

Vulnerability scanning

Security information and event management

Endpoint detection

Malware analysis

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which phase of incident response includes conducting regular training and awareness programs for employees?

Preparation

Detection and Analysis

Containment, Eradication, and Recovery

Post-Incident Activity

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

In the context of incident response, what is the purpose of conducting a Business Impact Analysis (BIA)?

To detect security incidents

To establish communication channels

To understand the impact of disruptions on business functions

To automate incident response tasks

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

28 questions

Late 20th Century Test Review H11 and H12

Quiz

•

8th Grade

28 questions

ORIENTASI K3LL 28 January 2025

Quiz

•

University

29 questions

2025 Sentences, Subjects, & Predicates Review

Quiz

•

6th - 8th Grade

30 questions

TTS1363 IIT REVISION CH01 - CH05

Quiz

•

University

30 questions

Sentence Completion

Quiz

•

KG - University

25 questions

Unit Test: The Civil War

Quiz

•

8th Grade

25 questions

Georgia Readings Quiz

Quiz

•

8th Grade

26 questions

Unit6(P2)

Quiz

•

KG - University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

29 questions

Alg. 1 Section 5.1 Coordinate Plane

Quiz

•

9th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

11 questions

FOREST Effective communication

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for others

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

29 questions

Alg. 1 Section 5.1 Coordinate Plane

Quiz

•

9th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

11 questions

FOREST Effective communication

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Incident Response

The main purpose of a hot site in disaster recovery is to:

The "Identify" function in the NIST framework involves understanding:

Which of the following is an example of an incident containment strategy?

During which phase are lessons learned documented and analyzed?

A tool like Splunk is primarily used for:

Which phase of incident response includes conducting regular training and awareness programs for employees?

In the context of incident response, what is the purpose of conducting a Business Impact Analysis (BIA)?

What is the main function of a SIEM system?

Which of the following is considered an indicator of compromise?

Unauthorized login attempts are an indicator of what type of security incident?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for others