CREST CPIA QUESTIONS AND NSWERS

What is Incident Response? - Answer-The actions taken starting from when an incident is raised and following it through to complete remediation as well as the post incident assessments. How Do We Define A Computer Breach or Intrusion? - Answer-A computer breach can be considered as either an intentional or unintentional situation which affects the C.I.A of a computer. Goals of Incident Response - Answer-1. Prepare for the inevitable 2. Identify the Intrusion 3. Contain the threat 4. Eradicate the threat 5. Remediate the intrusion 6. Document and investigate the methods used to create an environment where the same/similar attack will fail Accidental Breach Causes - Answer-1. Data Transportation 2. Misconfigured Settings 3. Misinterpretation of Instructions 4. OSINT 5. Loss of Data 6. Insider Threat Intentional Breach Causes - Answer-1. Insider Threat 2. Phishing and Spear Phishing3. Social Engineering 4. Watering Holes/Exploit Kits 5. Sniffing 6. Code Exploitation 7. Misconfigured Exploitation 8. SQL Injection 9. Password Attack How Are Breaches Identified? - Answer-1. Security Tools 2. Suspicious Activity Noted 3. SOC 4. Ransoms 5. Public Data Leaks