Quiz Summary
0 of 60 Questions completed
Questions:
Information
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading…
You must sign in or sign up to start the quiz.
You must first complete the following:
Results
Results
0 of 60 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
Categories
- Not categorized 0%
-
Unfortunately, you didn’t pass the quiz, but hey, you have unlimited access.😎
Practice makes you perfect! 👊 -
Congratulations! 🥳
You have passed the quiz successfully! You are one step closer to pass the real exam!
We hope to see you again on another certification path.✌️
Good luck with the exam! Stay strong.👊
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- Current
- Review
- Answered
- Correct
- Incorrect
-
Question 1 of 60
1. Question
In the event of a cyberattack, which of the following is the BEST communication plan to minimize the risk of further damage?
CorrectIncorrect -
Question 2 of 60
2. Question
During an incident response process, why is it important to limit communication to trusted parties only?
CorrectIncorrect -
Question 3 of 60
3. Question
In an organization, a security incident has occurred that involves a data breach that contains personally identifiable information (PII) of customers. The organization is subject to regulatory requirements that mandate the disclosure of such incidents. What should be the FIRST step taken by the incident response team with respect to the communication plan in this scenario?
CorrectIncorrect -
Question 4 of 60
4. Question
A security incident has occurred in an organization, and the incident response team is working to resolve the issue. During the investigation, it is found that the incident is limited to a specific group of employees who had access to a particular system. What should be the FIRST step taken by the incident response team with respect to the communication plan in this scenario?
CorrectIncorrect -
Question 5 of 60
5. Question
A company is required to report any data breaches that involve sensitive customer information to regulatory authorities. What action should the incident response team take to ensure compliance with regulatory/legislative requirements as part of the communication plan?
CorrectIncorrect -
Question 6 of 60
6. Question
A company’s incident response team is handling a critical security breach. During the investigation, it is discovered that the attackers gained access to sensitive information, including employee personal information. What is the importance of using a secure method of communication during the incident response?
CorrectIncorrect -
Question 7 of 60
7. Question
A company is hit by a ransomware attack, and the incident response team is activated. As part of the communication plan, the team needs to report to the company’s executives and board members. Which of the following should be included in the report?
CorrectIncorrect -
Question 8 of 60
8. Question
A small business experiences a cyber attack and must notify its customers of a potential data breach. As part of the communication plan, which of the following is important to consider when drafting the notification?
CorrectIncorrect -
Question 9 of 60
9. Question
During a routine security audit, an organization discovers that an attacker gained unauthorized access to their network and exfiltrated sensitive data. The incident response team is notified and begins to investigate the incident. They identify that the attacker was able to exploit a vulnerability in a third-party software used by the organization. The incident response team determines that they need to involve legal counsel to evaluate potential liability and regulatory requirements. Which of the following is the primary reason for involving legal counsel in this incident response process?
CorrectIncorrect -
Question 10 of 60
10. Question
A security incident has occurred in an organization, and the incident response team needs to coordinate with human resources to investigate the incident. Which of the following is the most important reason for involving human resources in the incident response process?
CorrectIncorrect -
Question 11 of 60
11. Question
An organization has experienced a security incident, and the incident response team needs to coordinate with the human resources department to investigate the incident. What is the primary reason for involving human resources in the incident response process?
CorrectIncorrect -
Question 12 of 60
12. Question
A company has suffered a data breach that has received significant media attention. The incident response team is coordinating with various entities to manage the situation. Which of the following is the primary reason for coordinating with the public relations (PR) department?
CorrectIncorrect -
Question 13 of 60
13. Question
In the event of a security incident, a company decides to activate its incident response plan. The plan includes coordinating with external entities such as law enforcement and regulatory bodies. What is the primary reason for including external entities in the incident response plan?
CorrectIncorrect -
Question 14 of 60
14. Question
During an incident response, a company is working to coordinate its response efforts across multiple internal teams and departments, as well as external entities. Which of the following is the most important reason for coordinating response efforts across internal and external entities?
CorrectIncorrect -
Question 15 of 60
15. Question
A company has suffered a cyber attack and has identified that sensitive customer data has been breached. The company decides to contact law enforcement to assist with the investigation. Which of the following is a reason why involving law enforcement in the incident response process is important?
CorrectIncorrect -
Question 16 of 60
16. Question
A company has just experienced a major cyber attack, and the incident response team has been activated. The team is composed of members from different departments and areas within the organization, including IT, security, and operations. The incident response team leader has scheduled a meeting with senior leadership to provide an update on the situation and request additional resources. What is the importance of including senior leadership in the incident response process?
CorrectIncorrect -
Question 17 of 60
17. Question
An organization has just discovered that its network has been breached, and sensitive data has been compromised. The incident response team has been activated, and one of their first steps is to coordinate with law enforcement to assist with the investigation. What is the importance of coordinating with law enforcement during the incident response process?
CorrectIncorrect -
Question 18 of 60
18. Question
A company’s security team recently detected an advanced persistent threat (APT) that has been present on the network for several months. The team is now working on a plan to coordinate the response with regulatory bodies. What is the main reason for coordinating with regulatory bodies in this situation?
CorrectIncorrect -
Question 19 of 60
19. Question
A company’s security team recently discovered a data breach that potentially compromised sensitive customer information. The team is now working on a plan to coordinate the response with regulatory bodies. What is the main reason for coordinating with regulatory bodies in this situation?
CorrectIncorrect -
Question 20 of 60
20. Question
A hospital has experienced a breach of patient data, including medical history, diagnoses, and social security numbers. The incident response team is assessing the criticality of the data that was compromised. Which of the following factors is contributing to the data criticality?
CorrectIncorrect -
Question 21 of 60
21. Question
A company has identified a data breach involving the theft of customer data, including names, addresses, phone numbers, and social security numbers. The incident response team is determining the criticality of the data that was compromised. Which of the following factors is contributing to the data criticality?
CorrectIncorrect -
Question 22 of 60
22. Question
A financial institution is investigating a security incident in which a customer’s personally identifiable information (PII) was compromised. Which of the following best describes why PII is considered critical data in incident response?
CorrectIncorrect -
Question 23 of 60
23. Question
In a healthcare organization, an incident response team is investigating a breach that may have exposed patients’ personal health information (PHI). Which of the following best describes why PHI is considered critical data in incident response?
CorrectIncorrect -
Question 24 of 60
24. Question
A healthcare provider’s database has been breached, potentially exposing the personal health information (PHI) of thousands of patients. The incident response team has been activated and is reviewing the criticality of the data. Which of the following best describes the importance of PHI in this incident response process?
CorrectIncorrect -
Question 25 of 60
25. Question
A hospital’s database containing medical records of patients has been breached, including sensitive personal information (SPI) such as medical history, insurance details, and social security numbers. What should be the priority in their incident response plan?
CorrectIncorrect -
Question 26 of 60
26. Question
A company stores a variety of data about its clients, including names, addresses, social security numbers, and credit card information. However, some of the data they store is considered to be sensitive personal information (SPI). What should be the company’s priority in its incident response plan?
CorrectIncorrect -
Question 27 of 60
27. Question
A government agency’s network stores classified information related to national security. What factor contributes to the criticality of this data in the incident response process?
CorrectIncorrect -
Question 28 of 60
28. Question
A financial institution has experienced a data breach where the attacker gained access to their database containing customer information, including credit card numbers, social security numbers, and financial transactions. What is the primary factor contributing to the criticality of this data?
CorrectIncorrect -
Question 29 of 60
29. Question
A financial company has suffered a ransomware attack, and the attacker has encrypted their customers’ financial data. Which of the following factors contributes to the criticality of this incident?
CorrectIncorrect -
Question 30 of 60
30. Question
A financial institution suffered a data breach in which the attackers gained access to the company’s financial records and customer data. The financial records included details about investments, transactions, and account balances, while the customer data included personally identifiable information (PII) and sensitive financial information. Which of the following factors contributes to the criticality of this data breach?
CorrectIncorrect -
Question 31 of 60
31. Question
A cyber attack has been detected in a company that deals with the research and development of new products. During the attack, the attackers were able to access the company’s database that stores all the research and development data. Which of the following factors contributes to the criticality of this data breach?
CorrectIncorrect -
Question 32 of 60
32. Question
A cyberattack has targeted a company’s intellectual property, including trade secrets and patents. The incident response team is activated. Which of the following is the most important factor that contributes to the criticality of this data?
CorrectIncorrect -
Question 33 of 60
33. Question
A data breach has occurred in a company, compromising its corporate financial data. The incident response team is activated. Which of the following is the MOST important factor that contributes to the criticality of this data?
CorrectIncorrect -
Question 34 of 60
34. Question
A company has just implemented a new incident response plan and needs to train employees on their roles and responsibilities. What type of training is most appropriate for this situation?
CorrectIncorrect -
Question 35 of 60
35. Question
In a security incident, a security analyst discovered that a phishing email was the cause of the breach. The analyst notified the security team, and they quickly isolated the affected systems. What should the security team do next?
CorrectIncorrect -
Question 36 of 60
36. Question
A company has conducted a penetration test to evaluate the security of its network. The test revealed several vulnerabilities that could potentially lead to a data breach. Which of the following is the MOST appropriate action for the incident response team to take based on this scenario?
CorrectIncorrect -
Question 37 of 60
37. Question
A company regularly conducts tabletop exercises to test its incident response plan. During one such exercise, the team discovered that their contact list of emergency responders was outdated, leading to a delay in response time. Which of the following is the MOST appropriate action for the team to take based on this scenario?
CorrectIncorrect -
Question 38 of 60
38. Question
A company has a documented incident response plan in place, but it has not been updated in several years. What should the incident response team do to ensure that the plan is effective in the event of an incident?
CorrectIncorrect -
Question 39 of 60
39. Question
A security analyst is reviewing incident response procedures for a company and notices that there is no documentation of the procedures in place. What should the analyst recommend to improve the incident response process?
CorrectIncorrect -
Question 40 of 60
40. Question
A company has noticed unusual activity on its network and has determined that an unauthorized user gained access to their system. The user was able to access sensitive data and exfiltrate it to an external IP address. Which of the following characteristics would contribute to the urgency of this incident?
CorrectIncorrect -
Question 41 of 60
41. Question
An organization has identified a suspicious file transfer from one of its internal servers to an external IP address. Upon analyzing the transfer, it was found that the file contained sensitive information. Which of the following characteristics would contribute to the criticality of this incident?
CorrectIncorrect -
Question 42 of 60
42. Question
A company’s website has been defaced by an unknown attacker, and the incident response team has been activated. The team needs to determine the extent of the attack and identify any data breaches. What incident response procedure should the team follow?
CorrectIncorrect -
Question 43 of 60
43. Question
A company’s critical business application is down, causing significant financial losses. The incident response team has been activated, and they need to determine the cause of the downtime. What incident response procedure should the team follow?
CorrectIncorrect -
Question 44 of 60
44. Question
A manufacturing company experienced a ransomware attack, which caused significant delays in its production process. The incident response team discovered that the recovery time was longer than expected. Which of the following would be the MOST appropriate action to take in this situation?
CorrectIncorrect -
Question 45 of 60
45. Question
In the aftermath of a cyber attack, the incident response team discovered that the organization’s critical systems had been impacted, and the recovery time was estimated to be several days. Which of the following steps should be taken FIRST in this situation?
CorrectIncorrect -
Question 46 of 60
46. Question
A company has detected that its financial data has been tampered with. Which of the following incident response procedures should be followed to ensure data integrity?
CorrectIncorrect -
Question 47 of 60
47. Question
A healthcare organization has discovered that some of its patient data have been modified without authorization. Which of the following is the most important step in maintaining data integrity during the incident response process?
CorrectIncorrect -
Question 48 of 60
48. Question
A company has recently experienced a data breach, and the security team has been tasked with identifying the root cause of the breach. During the investigation, the team discovers that the attackers used a technique to reverse engineer the company’s software and identify vulnerabilities. Which of the following detection and analysis methods would be MOST appropriate to use in this scenario?
CorrectIncorrect -
Question 49 of 60
49. Question
A company has experienced a ransomware attack that has impacted its financial system, resulting in a loss of funds. Which of the following is the MOST appropriate response procedure for detecting and analyzing the incident?
CorrectIncorrect -
Question 50 of 60
50. Question
A company’s security team has detected multiple alerts related to a possible data breach, including suspicious login attempts, unauthorized file access, and unusual network traffic. Which of the following techniques can be used to correlate these events and identify the root cause of the breach?
CorrectIncorrect -
Question 51 of 60
51. Question
A cybersecurity team at a manufacturing company has detected a malware infection on a critical system used in the production process. The team has determined that the malware is spreading to other systems on the network and wants to prevent it from causing further damage. Which of the following incident response procedures should the team apply to contain the incident?
CorrectIncorrect -
Question 52 of 60
52. Question
A cybersecurity analyst at a financial institution has detected suspicious activity on a server that contains sensitive customer data. The analyst has determined that the server has been compromised and wants to prevent the attacker from accessing other systems on the network. Which of the following incident response procedures should the analyst apply to contain the incident?
CorrectIncorrect -
Question 53 of 60
53. Question
A company discovered that an employee downloaded a malicious file from a phishing email that was sent to their work email account. The employee’s computer was infected, and there is a risk that the malware has spread to other systems in the network. Which of the following is the MOST appropriate incident response procedure to mitigate the vulnerability?
CorrectIncorrect -
Question 54 of 60
54. Question
A security analyst discovered a critical vulnerability in a network device and reported it to the vendor. The vendor released a patch to address the vulnerability, but the security analyst noticed that not all devices in the network were updated. Which of the following is the MOST appropriate incident response procedure to mitigate the vulnerability?
CorrectIncorrect -
Question 55 of 60
55. Question
A company has discovered that an employee had installed unauthorized software on a company computer, which resulted in a malware infection that spread to multiple devices. The incident response team has determined that the infected devices must be sanitized to prevent any further damage. What should be the appropriate incident response procedure to follow for sanitization?
CorrectIncorrect -
Question 56 of 60
56. Question
A company recently suffered a data breach that resulted in the exposure of sensitive customer information. The incident response team has determined that some of the compromised data needs to be securely disposed of to prevent any further damage. What is the appropriate incident response procedure in this situation?
CorrectIncorrect -
Question 57 of 60
57. Question
A company has suffered a ransomware attack that has impacted several of its critical systems. The incident response team has successfully contained the malware, but the systems are unusable and the data has been encrypted. Which of the following is the appropriate response procedure for this scenario?
CorrectIncorrect -
Question 58 of 60
58. Question
A company’s server has been infected with ransomware, and the incident response team has determined that the best course of action is to replace the infected server. What is the appropriate incident response procedure in this situation?
CorrectIncorrect -
Question 59 of 60
59. Question
A company’s security team has identified a vulnerability in their accounting software that could allow an attacker to gain unauthorized access to sensitive financial data. The team has decided to patch the vulnerability to prevent exploitation. What is the MOST appropriate course of action for the team in terms of patching?
CorrectIncorrect -
Question 60 of 60
60. Question
A company has just suffered a data breach that exploited a vulnerability in their web server software. The incident response team has successfully contained the breach and is now focused on eradicating the threat. What is the MOST appropriate course of action for the team in terms of patching?
CorrectIncorrect