CREST CPIA Exam Questions with Correct Answers

CREST CPIA Exam Questions with Correct Answers What is Incident Response? - Answer-The actions taken starting from when an incident is raised and following it through to complete remediation as well as the post incident assessments. How Do We Define A Computer Breach or Intrusion? - Answer-A computer breach can be considered as either an intentional or unintentional situation which affects the C.I.A of a computer. Goals of Incident Response - Answer-1. Prepare for the inevitable 2. Identify the Intrusion 3. Contain the threat 4. Eradicate the threat 5. Remediate the intrusion 6. Document and investigate the methods used to create an environment where the same/similar attack will fail Accidental Breach Causes - Answer-1. Data Transportation 2. Misconfigured Settings 3. Misinterpretation of Instructions 4. OSINT 5. Loss of Data 6. Insider Threat Intentional Breach Causes - Answer-1. Insider Threat 2. Phishing and Spear Phishing 3. Social Engineering 4. Watering Holes/Exploit Kits 5. Sniffing 6. Code Exploitation 7. Misconfigured Exploitation 8. SQL Injection 9. Password Attack How Are Breaches Identified? - Answer-1. Security Tools 2. Suspicious Activity Noted 3. SOC 4. Ransoms 5. Public Data Leaks Definition of Governance - Answer-The establishment of policies and continuous monitoring of their proper implementation, by the members of the governing body of an organisation. Why Do We Need Governance? - Answer-Senior leadership support is crucial and reduces resistance to changes and saves time. Incident Response Workflow - Answer-1. Crest - Prepare, Respond, Follow UP 2. SANS - Prep, Identify, Contain, Eradicate, Recover, Lesson Learnt 3. NIST - Prep, Detection & Analysis, Contain-Eradicate & Recovery Incident Response Plan 1 - Answer-1. Roles and Responsibilities 2. Dependant on Organisation 3. Corporate Level Buy In - Ultimately responsible 4. Governance Requirements