28.4.11 Check Your Understanding – Identify the Incident Handling Term Answers

1. What term is used for a sign that a threat actor maybe be preparing to attack an asset?

  • CSIRT
  • precursor
  • indicator
  • event
  • incident
  • incident handling

Explanation: A precursor is indication that a network security incident may occur.

2. What term is used for the group of people who provide incident response services to an organization?

  • precursor
  • indicator
  • event
  • incident
  • incident handling
  • CSIRT

Explanation: A CSIRT is a team of people who provide incident response services to an organization.

3. What term is used for a time-bound activity that is restricted to a specific step in which an adversary attacks a network?

  • CSIRT
  • precursor
  • security event
  • incident
  • incident handling
  • CSIRT

Explanation: A security event is a time -bound activity that is part of a specific step in a cyberattack.

4. What is a sign that a network security event may have occurred or is occurring?

  • CSIRT
  • precursor
  • indicator
  • event
  • incident
  • incident handling

Explanation: An indicator is a sign that a network security event may have occurred or is occurring.

5. What has occurred when there is a violation or threat of violation of security policies?

  • CSIRT
  • precursor
  • indicator
  • event
  • incident
  • incident handling

Explanation: A security incident has occurred when there is a violation or threat of violation of security policies.

6. What is the term for a set of policies, plans, and procedures that are designed to address cybersecurity breaches?

  • CSIRT
  • precursor
  • indicator
  • event
  • incident
  • incident handling capability

Explanation: A set of incident response policies, plans, and procedures define an organization’s incident handling capability.


guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x