ITN 261: CHAPTER 14 QUESTIONS &
ANSWERS (RATED A+)
Which of the following should be the next step after the identification of an incident?
A. Containment
B. Reporting
C. Analysis
D. Triage - ANSWERTriage
Interviewing system administrators about technical details of an event most often occurs
in which stage of incident response?
A. Incident Identification
B. Triage
C. Reporting
D. Debriefing - ANSWERIncident identification
Which of the following should be on a security incident report form?
A. A complete list of the stole sensitive data items
B. Contact information for all users affected by the event
C. Details of similar events to aid in incident reporting
D. Contact information for the original reporting organization or person -
ANSWERContact information for the original reporting organization or person
All but which of the following is commonly included in a security policy?
A. Appropriate response guidelines for the given security incident
B. The means through which responsible parties will be notified
C. The responsible person or parties that will take lead for responding
D. The city evacuation routes and emergency shelter contact information -
ANSWERThe city evacuation routes and emergency shelter contact information
What is a characteristic of an incident response and disaster recovery simulation?
A. They replicate a disaster fairly accurately without disrupting the system.
B. They allow the team to read through the recovery plan together.
C. They verify that sufficient supplies are stored at the backup site.
D. They ensure that forms are filled out correctly during real incidents. - ANSWERThey
replicate a disaster fairly accurately without disrupting the system.
A standard format for reporting a security incident prevents which of the following?
ANSWERS (RATED A+)
Which of the following should be the next step after the identification of an incident?
A. Containment
B. Reporting
C. Analysis
D. Triage - ANSWERTriage
Interviewing system administrators about technical details of an event most often occurs
in which stage of incident response?
A. Incident Identification
B. Triage
C. Reporting
D. Debriefing - ANSWERIncident identification
Which of the following should be on a security incident report form?
A. A complete list of the stole sensitive data items
B. Contact information for all users affected by the event
C. Details of similar events to aid in incident reporting
D. Contact information for the original reporting organization or person -
ANSWERContact information for the original reporting organization or person
All but which of the following is commonly included in a security policy?
A. Appropriate response guidelines for the given security incident
B. The means through which responsible parties will be notified
C. The responsible person or parties that will take lead for responding
D. The city evacuation routes and emergency shelter contact information -
ANSWERThe city evacuation routes and emergency shelter contact information
What is a characteristic of an incident response and disaster recovery simulation?
A. They replicate a disaster fairly accurately without disrupting the system.
B. They allow the team to read through the recovery plan together.
C. They verify that sufficient supplies are stored at the backup site.
D. They ensure that forms are filled out correctly during real incidents. - ANSWERThey
replicate a disaster fairly accurately without disrupting the system.
A standard format for reporting a security incident prevents which of the following?
