CREST CPIA Exam Questions & Answers(Graded A+)

How Do We Define A Computer Breach or Intrusion? - ANSWER-A computer breach can be considered as either an intentional or unintentional situation which affects the C.I.A of a computer. Goals of Incident Response - ANSWER-1. Prepare for the inevitable 2. Identify the Intrusion 3. Contain the threat 4. Eradicate the threat 5. Remediate the intrusion 6. Document and investigate the methods used to create an environment where the same/similar attack will fail Accidental Breach Causes - ANSWER-1. Data Transportation 2. Misconfigured Settings 3. Misinterpretation of Instructions 4. OSINT 5. Loss of Data 6. Insider Threat Intentional Breach Causes - ANSWER-1. Insider Threat 2. Phishing and Spear Phishing 3. Social Engineering 4. Watering Holes/Exploit Kits 5. Sniffing 6. Code Exploitation 7. Misconfigured Exploitation 8. SQL Injection 9. Password Attack How Are Breaches Identified? - ANSWER-1. Security Tools 2. Suspicious Activity Noted 3. SOC 4. Ransoms 5. Public Data Leaks Definition of Governance - ANSWER-The establishment of policies and continuous monitoring of their proper implementation, by the members of the governing body of an organisation.