Which three options can be classified as server assets according to VERIS? router switch DHCP servers mail servers firewall laptops VoIP phones database Explanation & Hint: In the context of…
Which three perspectives does the impact assessment section leverage in order to provide an understanding and measure of consequence that is associated with the incident? (Choose three.) captures the timeline…
The discovery and response section focuses on which three options? (Choose three.) timeline of the events estimating the magnitude of the losses categorizing the varieties of losses experienced how the…
Which four VERIS components are used to describe an incident? (Choose four.) authorization actions authentication attributes assets accounting access control list actors alarm adjacency Explanation & Hint: The VERIS (Vocabulary…
What is not a primary element of an incident response policy? penetration testing requirements getting buy-in from senior management the missions, strategies, and goals of the organization how the incident response team…
A security audit is an example of which CSIRT service? proactive services aggressive services passive services reactive services backup services restore services Explanation & Hint: A security audit is an…
Which three options are elements of an incident response policy? (Choose three.) buy-in from senior management SOC, NOC, and IT capabilities to determine the structure of the incident response plan…
Organizations that are trying to share information with external organizations should also consult with which department before initiating any coordination efforts? IT legal human resources engineering Explanation & Hint: Organizations…
Which four options are part of the CSIRT framework? (Choose four.) mission statement constituency compliance organization structure relationships feedback Explanation & Hint: The four options that are part of the…
Which of the following aims to protect credit card holder account data? PCI DSS HIPAA SOX Gramm-Leach-Bliley Act Explanation & Hint: The standard that aims to protect credit card holder…
Match the function of the CSIRT incident handling service with its description. is a single point of contact and the focal point for accepting, collecting, sorting, ordering, and passing on…
Match the CSIRT category to its function. handles reports of vulnerabilities in their software or hardware products ==> vendor teams provides incident handling services to a country ==> national CSIRT coordinates and…
What does the CSIRT incident analysis center usually do? provide incident handling services to a country coordinate and facilitate the handling of incidents across various CSIRTs focus on synthesizing data…
What does the CSIRT incident response provider usually do? provides incident handling services to their parent organization handles reports of vulnerabilities in their software or hardware products offers incident handling…
During incident classification, cross-site scripting attacks can be classified as which type of attack? improper usage attrition email web Explanation & Hint: During incident classification, cross-site scripting (XSS) attacks are…
What is the first phase in the incident response life cycle? identification containment preparation reporting Explanation & Hint: The first phase in the incident response life cycle is Preparation. This…
You work as a security analyst in a SOC and want to know if information about your organization’s network devices is available through open-source intelligence searches on the internet. Which…
What is a primary source for open-source intelligence? technical journals academic publications internet industry seminars Explanation & Hint: A primary source for open-source intelligence (OSINT) is the Internet. The Internet…
You are a CIO of an organization that is analyzing cyber threat intelligence information to determine current threat trends to discover if your industry vertical may be impacted. Which type…
You work in an incident response team as a threat hunter and are analyzing cyber threat intelligence to obtain more information on tactics, techniques, and procedures that potential adversaries use.…