What is one goal of preparation in system security? Make the system resilient to attack.
What does hardening systems involve? Making systems more secure against attacks.
Why are policies and procedures important in preparation? They provide guidelines for maintaining security.
What is the purpose of setting up confidential lines of communication? To protect sensitive information during an attack.
What is the first step in incident detection? Determine whether an incident has taken place.
What does CIA triage assess? The severity of an incident.
Who should be notified after an incident is detected? Stakeholders.
What is the first step in containment during an incident? Limit the scope and magnitude of the incident.
What should be done to affected hosts and accounts during containment? Isolate affected hosts and accounts.
How can segmentation help during incident containment? Use segmentation to prevent spread.
What type of communications should be restricted during containment? Restrict communications to trusted parties only.
What is the first step after an incident is contained? Removing the cause.
What is the goal of the eradication phase? To bring the system back to a secure state.
What phases are iterated through for complete resolution of an incident? Detection, containment, and eradication.
Post-incident Activity: Analyze the incident and responses to identify whether procedures or systems could be improved, documenting the incident, commonly referred to as lessons learned.
Playbooks: Organizations define the steps they need to take to respond to a security incident, including specific roles, processes, and procedures that security staff must follow.