Incident Management Response Week1


School: Grand Rapids Community College
Course: CYBER SECU
Subject: Information Systems
Date: Jan 9, 2024
Type: docx
Pages: 3
Uploaded by ConstableWildcatMaster401

Congratulations! You passed!
Grade received: 90.90%
Latest Submission Grade: 90.91%
To pass: 80% or higher

1. Question 1
In creating an incident response capability in your organization, NIST recommends taking 6 actions. Which three (3) actions are included on that list? (Select 3)
1 / 1 point
  • Establish policies and procedures regarding incident-related information sharing (Correct: Partially correct!)
  • Secure executive sponsorship for the incident response plan
  • Develop incident response procedures (Correct: Partially correct!)
  • Considering the relevant factors when selecting an incident response team model (Correct: Partially correct!)

2. Question 2
Which incident response team model would best fit the needs of the field offices of a large distributed organization?
1 / 1 point
  • Central incident response team
  • Coordinating incident response team
  • Hybrid incident response team
  • Distributed incident response team
Feedback: Correct!

3. Question 3
Which incident response team staffing model would be appropriate for a small retail store that has just launched an online selling platform and finds it is now under attack? The platform was put together by its very small IT department, which has no experience in managing incident response.
1 / 1 point
  • Use internal IT staff only, forcing them to come up to speed as quickly as possible
  • Completely outsource the incident response work to an onsite contractor with expertise in monitoring and responding to incidents
  • Outsource the monitoring of intrusion detection systems and firewalls to an offsite managed security service provider while leaving the response to detected incidents to current IT staff
  • Migrate all online operations to a cloud service provider so you will not have to worry about further attacks
Feedback: Correct!

4. Question 4
Which three (3) technical skills are important to have in an organization's incident response team? (Select 3)
1 / 1 point
  • Programming (Correct: Partially correct!)
  • Network administration (Correct: Partially correct!)
  • System administration (Correct: Partially correct!)
  • Encryption

5. Question 5
Identifying incident precursors and indicators is part of which phase of the incident response lifecycle?
1 / 1 point
  • Containment, Eradication & Recovery
  • Detection & Analysis
  • Post-Incident Activity
  • Preparation
Feedback: Correct!

6. Question 6
Automatically isolating a system from the network when malware is detected on that system is part of which phase of the incident response lifecycle?
1 / 1 point
  • Preparation
  • Containment, Eradication & Recovery
  • Post-Incident Activity
  • Detection & Analysis
Feedback: Correct!

7. Question 7
According to the IRIS Framework, during which stage of an attack would the attacker send phishing email, steal credentials and establish a foothold in the target network?
1 / 1 point
  • Launch and execute the attack
  • Continue the attack, expand network access
  • Continuous phases occur
  • Attack objective execution
  • Attack beginnings
Feedback: Correct!

8. Question 8
According to the IRIS Framework, during which stage of an attack would the attacker execute their final objectives?
0 / 1 point
  • Attack beginnings
  • Launch and execute the attack
  • Continue the attack, expand network access
  • Continuous phases occur
  • Attack objective execution
Feedback: Incorrect. Perhaps you should review the video IBM X-Force IRIS Cyberattack Framework.

9. Question 9
According to the IRIS framework, during the first stage of an attack, when the bad actors are conducting external reconnaissance and aligning their tactics, techniques and procedures, what should the IR team be doing as a countermeasure?
1 / 1 point
  • Enforce strong user password policies by enabling multi-factor authentication and restricting the ability to use the same password across systems
  • Implement strong endpoint detection and mitigation strategies
  • Thoroughly examine available forensics to understand attack details, establish mitigation priorities, provide data to law enforcement, and plan risk reduction strategies
  • Build a threat profile of adversarial actors who are likely to target the company
  • Analyze all network traffic and endpoints, searching for anomalous behavior
Feedback: Correct!

10. Question 10
According to the IRIS framework, during the fourth phase of an attack, the attackers will attempt to evade detection. What should the IR team be doing as a countermeasure?
1 / 1 point
  • Enforce strong user password policies by enabling multi-factor authentication and restricting the ability to use the same password across systems
  • Build a threat profile of adversarial actors who are likely to target the company
  • Implement strong endpoint detection and mitigation strategies
  • Thoroughly examine available forensics to understand attack details, establish mitigation priorities, provide data to law enforcement, and plan risk reduction strategies
  • Analyze all network traffic and endpoints, searching for anomalous behavior
Feedback: Correct!

11. Question 11
True or False. A data breach always has to be reported to law enforcement agencies.
1 / 1 point
  • True
  • False
Feedback: Correct!