Incident Handling

11. In order to properly handle a security incident, what is the first thing that needs to happen?

  • Recover from the incident
  • Remove or eradicate the incident
  • Contain the incident
  • Detect the incident

12. After a security incident, how can an organization be protected against a similar incident occurring again in the future?

  • Update antivirus definitions.
  • Cross your fingers and hope for the best!
  • Change all account passwords.
  • Conduct a post-incident analysis.

13. In order to preserve the integrity of any forensic evidence, what should be done before analyzing a hard drive that has been compromised by a security attack?

  • Install antivirus software
  • Format the hard drive
  • Make a virtual copy or an image of the hard drive
  • Connect the hard drive to a computer

14. Which of the following are protections that can be used on mobile devices?

  • Screen lock
  • Use the device settings to allow or deny apps access to the device's features
  • Always have Bluetooth on
  • Storage encryption

15. In order to prevent further damage, the breach should be ________.

  • contained
  • recovered
  • audited
  • ignored

