11. In order to properly handle a security incident, what is the first thing that needs to happen?
- Recover from the incident
- Remove or eradicate the incident
- Contain the incident
- Detect the incident
12. After a security incident, how can an organization be protected against a similar incident occurring again in the future?
- Update antivirus definitions.
- Cross your fingers and hope for the best!
- Change all account passwords.
- Conduct a post-incident analysis.
13. In order to preserve the integrity of any forensic evidence, what should be done before analyzing a hard drive that has been compromised by a security attack?
- Install an antivirus software
- Format the hard drive
- Make a virtual copy or an image of the hard drive
- Connect the hard drive to a computer
14. Which of the following are protection that can be used on mobile devices?
- Screen lock
- Use the device settings to allow or deny apps access to the devices features
- Always have bluetooth on
- Storage encryption
15. In order to prevent further damage, the breach should be ________.
- contained
- recovered
- audited
- ignored
