Incident Response Exam Quiz!

By Selmer
  • 1. 

    Security auditing can:

    • Provide data that can be used to define anomalous behavior
    • Maintain a record useful in computer forensics
    • Generate data that can be used in after-the-fact analysis of an attack
    • All of the above
About This Quiz

The 'Incident Response Exam Quiz!' assesses key aspects of information security such as privacy, system integrity, confidentiality, and vulnerability management. It is designed to evaluate the learner's ability to understand and apply concepts critical to protecting organizational assets and information.

  • 2. 

    A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy is a(n)  __________.

    • Countermeasure

    • Adversary

    • Vulnerability

    • Risk

    Correct Answer
    A. Vulnerability
    Explanation
    A vulnerability refers to a flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy. It represents a potential entry point for attackers to compromise the system's integrity, confidentiality, or availability. Identifying and addressing vulnerabilities is crucial in maintaining the security of a system and preventing unauthorized access or malicious activities.

  • 3. 

    A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources.

    • Passive attack

    • Outside attack

    • Inside attack

    • Active attack

    Correct Answer
    A. Passive attack
    Explanation
    A passive attack refers to an attempt to learn or make use of information from a system without affecting system resources. In this type of attack, the attacker does not actively alter or disrupt the system but rather observes or intercepts data. This can include activities such as eavesdropping, monitoring network traffic, or analyzing data to gain unauthorized access or obtain sensitive information. Unlike active attacks, passive attacks do not directly impact or manipulate system resources.

  • 4. 

    A ________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

    • Low

    • Moderate

    • Normal

    • High

    Correct Answer
    A. High
    Explanation
    A high-level breach of security refers to a situation where there is a severe or catastrophic adverse effect on organizational operations, assets, or individuals. This means that the breach has significant consequences and can cause substantial damage to the organization or individuals involved. It indicates that the breach is not minor or insignificant, but rather has a major impact on the overall functioning and well-being of the organization or individuals affected.

  • 5. 

    From a security point of view, which of the following actions should be done upon the termination of an employee?

    • Remove the person’s name from all lists of authorized access

    • Recover all assets, including employee ID, disks, documents and equipment

    • Remove all personal access codes

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    Upon the termination of an employee, it is important from a security point of view to take all of the mentioned actions. Removing the person's name from all lists of authorized access ensures that they no longer have any privileges or permissions within the organization's systems. Recovering all assets, including employee ID, disks, documents, and equipment, helps to prevent any unauthorized use or access to sensitive information. Removing all personal access codes ensures that the former employee cannot use their credentials to gain entry into any systems or networks. Taking all of these actions collectively helps to mitigate security risks and protect the organization's assets and information.

  • 6. 

    Data items to capture for a security audit trail include

    • Events related to the security mechanisms on the system

    • Operating system access

    • Remote access

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    A security audit trail is a record of events and activities related to the security mechanisms on a system. It includes capturing data items such as events related to the operating system access and remote access. Therefore, the correct answer is "all of the above" as it encompasses all the mentioned data items that need to be captured for a security audit trail.

  • 7. 

    An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.

    • Risk

    • Attack

    • Asset

    • Vulnerability

    Correct Answer
    A. Attack
    Explanation
    An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is referred to as an "attack". This term is commonly used in the context of cybersecurity to describe intentional actions taken to compromise the security of a system or network. Attacks can take various forms, such as malware infections, unauthorized access attempts, or social engineering techniques, and they are aimed at exploiting vulnerabilities in order to gain unauthorized access or cause harm to the targeted system.

  • 8. 

    ______ is a benefit of security awareness, training, and education programs to organizations.

    • Improving employee behavior

    • Increasing the ability to hold employees accountable for their actions

    • Mitigating liability of the organization for an employee’s behavior

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    Security awareness, training, and education programs provide several benefits to organizations. Firstly, they help in improving employee behavior by educating them about potential security risks and teaching them how to identify and respond to such threats. Secondly, these programs increase the organization's ability to hold employees accountable for their actions by establishing clear guidelines and consequences for security breaches. Lastly, these programs also help in mitigating the liability of the organization for an employee's behavior by demonstrating that necessary measures were taken to educate and train employees on security protocols. Therefore, all of the given options are correct benefits of security awareness, training, and education programs.

  • 9. 

    A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.

    • Attack

    • Adversary

    • Countermeasure

    • Protocol

    Correct Answer
    A. Countermeasure
    Explanation
    A countermeasure is a method or strategy that is used to reduce or prevent a threat, vulnerability, or attack. It can be an action, device, procedure, or technique that aims to eliminate or minimize the harm caused by the threat or attack. Countermeasures can also involve discovering and reporting the threat or attack so that appropriate action can be taken to address it.

  • 10. 

    CERT stands for ___________.

    • Computer Error Response Team

    • Compliance Error Repair Technology

    • Computer Emergency Response Team

    • Compliance Emergency Response Technology

    Correct Answer
    A. Computer Emergency Response Team
    Explanation
    CERT stands for Computer Emergency Response Team. This team is responsible for responding to and handling computer security incidents and emergencies. They work to prevent, detect, and respond to cyber threats and vulnerabilities. The term "emergency" implies the urgency and critical nature of their work, as they are tasked with quickly addressing and mitigating any potential risks or damages caused by cyber attacks or other security incidents.

  • 11. 

    Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.

    • System integrity

    • Availability

    • Data integrity

    • Confidentiality

    Correct Answer
    A. System integrity
    Explanation
    System integrity refers to the assurance that a system operates as intended without any unauthorized manipulation. It ensures that the system functions smoothly and is not compromised intentionally or unintentionally. This includes protecting the system from any unauthorized access, modification, or disruption that could potentially affect its performance or compromise its intended function. System integrity is crucial for maintaining the reliability and trustworthiness of a system.

  • 12. 

    A loss of _________ is the unauthorized disclosure of information.

    • Confidentiality

    • Authenticity

    • Integrity

    • Availability

    Correct Answer
    A. Confidentiality
    Explanation
    Confidentiality refers to the protection of sensitive information from being accessed or disclosed to unauthorized individuals. A loss of confidentiality occurs when this information is disclosed without proper authorization. Therefore, it is the correct answer for the given question.

  • 13. 

    __________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

    • Traffic padding

    • Traffic control

    • Traffic routing

    • Traffic integrity

    Correct Answer
    A. Traffic padding
    Explanation
    Traffic padding is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. By adding extra bits, the data stream becomes less predictable and harder to analyze, making it difficult for attackers or surveillance systems to gather meaningful information about the traffic. This technique helps to protect the privacy and security of the data being transmitted.

  • 14. 

    _______ are ways for an awareness program to promote the security message to employees

    • Posters

    • Newsletters

    • Workshops and training sessions

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    Posters, newsletters, and workshops and training sessions are all effective ways for an awareness program to promote the security message to employees. Posters can be displayed in common areas to catch employees' attention and remind them of important security practices. Newsletters can be distributed regularly to provide updates, tips, and reminders about security measures. Workshops and training sessions allow for more interactive and in-depth learning experiences, where employees can actively participate and ask questions. By utilizing all of these methods, the awareness program can effectively reach and engage employees, ensuring that the security message is effectively communicated and understood.

  • 15. 

    An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.

    • Masquerade

    • Privacy

    • Interception

    • Inference

    Correct Answer
    A. Masquerade
    Explanation
    The correct answer is masquerade because it refers to the act of pretending to be someone else in order to deceive or gain unauthorized access. In this context, an unauthorized user is attempting to gain access to a system by posing as an authorized user, which is a clear example of masquerade.

  • 16. 

    _________ audit trails may be used to detect security violations within an application or to detect flaws in the application’s interaction with the system

    • Application-level

    • System-level

    • User-level

    • None of the above

    Correct Answer
    A. Application-level
    Explanation
    Application-level audit trails are used to track and record the activities and events within an application. These audit trails help in detecting security violations, such as unauthorized access or changes to sensitive data, within the application. They also help in identifying flaws or vulnerabilities in the application's interaction with the system. System-level audit trails, on the other hand, monitor and record system-level activities and events, while user-level audit trails track and record individual user actions. Therefore, the correct answer is Application-level.

  • 17. 

    ______ software is a centralized logging software package similar to, but much more complex than, syslog

    • NetScan

    • McAfee

    • IPConfig

    • SIEM

    Correct Answer
    A. SIEM
    Explanation
    SIEM stands for Security Information and Event Management. It is a centralized logging software package that collects and analyzes log data from various sources within an organization's network. SIEM is designed to provide real-time monitoring, threat detection, and incident response capabilities. It offers more advanced features and functionality compared to syslog, making it a suitable choice for organizations that require complex and comprehensive logging and analysis capabilities.

  • 18. 

    A threat action in which sensitive data are directly released to an unauthorized entity is __________.

    • Corruption

    • Intrusion

    • Disruption

    • Exposure

    Correct Answer
    A. Exposure
    Explanation
    Exposure refers to a threat action where sensitive data is directly released to an unauthorized entity. This means that the data is made accessible to someone who should not have access to it, potentially leading to unauthorized use or disclosure. This can occur due to various factors such as weak security measures, human error, or malicious intent. It is important to prevent exposure of sensitive data to protect the privacy and security of individuals and organizations.

  • 19. 

    The _________ prevents or inhibits the normal use or management of communications facilities.

    • Passive attack

    • Denial of service

    • Traffic encryption

    • Masquerade

    Correct Answer
    A. Denial of service
    Explanation
    Denial of service refers to a type of cyber attack where the attacker intentionally disrupts or hinders the normal functioning of communication facilities, such as networks, servers, or websites. This can be achieved by overwhelming the target system with excessive traffic or by exploiting vulnerabilities to crash or disable the system. The objective is to prevent legitimate users from accessing or using the services provided by the targeted system.

  • 20. 

    A __________ is any action that compromises the security of information owned by an organization.

    • Security mechanism

    • Security policy

    • Security attack

    • Security service

    Correct Answer
    A. Security attack
    Explanation
    A security attack is any action that compromises the security of information owned by an organization. This can include unauthorized access, data breaches, malware infections, or any other malicious activity that puts the confidentiality, integrity, or availability of information at risk. Security attacks can be intentional or unintentional, and they can originate from both internal and external sources. It is important for organizations to have robust security measures in place to detect, prevent, and mitigate the impact of security attacks.

  • 21. 

    The assets of a computer system can be categorized as hardware, software, communication lines and networks, and _________.

    Correct Answer
    Data, data
    Explanation
    The assets of a computer system can be categorized as hardware, software, communication lines and networks, and data. Data is an essential asset in a computer system as it refers to the information or facts that are stored and processed by the system. It can include various types of information such as documents, files, databases, and user input. Data is crucial for the functioning of a computer system as it is used by the software to perform tasks and provide output to the users. Additionally, data can also be transmitted and shared through communication lines and networks, making it an integral part of the system's assets.

  • 22. 

    ___________ scan critical system files, directories, and services to ensure they have not been changed without proper authorization

    • Intrusion prevention systems

    • System integrity verification tools

    • Log analysis tools

    • Network and host intrusion detection systems

    Correct Answer
    A. System integrity verification tools
    Explanation
    System integrity verification tools are designed to scan critical system files, directories, and services to ensure that they have not been changed without proper authorization. These tools help to detect any unauthorized modifications or tampering with the system, which could indicate a potential security breach or compromise. By regularly scanning and verifying the integrity of these system components, organizations can ensure the overall security and stability of their systems.

  • 23. 

    System conditions requiring immediate attention is a(n) _______ severity

    • Alert

    • Err

    • Notice

    • Emerg

    Correct Answer
    A. Alert
    Explanation
    The correct answer is "alert" because an alert severity indicates that there are system conditions that require immediate attention. This severity level implies that there may be critical issues or potential threats that need to be addressed urgently in order to prevent further problems or damage to the system.

  • 24. 

    A(n) _________ assessment is periodically assessing the risk to organizational operations, organizational assets, and individuals, resulting from the operation of organizational information systems and the associated processing, storage, or transmission of organizational information.

    Correct Answer
    risk, Risk
    Explanation
    The given answer is correct because it accurately identifies that the assessment being referred to is related to the evaluation of risk. This assessment involves periodically assessing the potential risks that can affect organizational operations, assets, and individuals. These risks can arise from the operation of information systems and the associated processing, storage, or transmission of organizational information. The repetition of the word "risk" in both lowercase and uppercase emphasizes the importance and significance of this assessment in identifying and mitigating potential risks.

  • 25. 

    ________ is explicitly required for all employees

    • Security awareness

    • Education and experience

    • Security basics and literacy

    • Roles and responsibilities relative to IT systems

    Correct Answer
    A. Security awareness
    Explanation
    Security awareness is explicitly required for all employees because it ensures that they have the knowledge and understanding of potential security risks and threats. By being aware of security best practices, employees can actively contribute to maintaining a secure work environment and protecting sensitive information. This includes being aware of common attack vectors, understanding the importance of strong passwords, being cautious of phishing attempts, and knowing how to report any suspicious activities. Security awareness helps to create a culture of security within an organization and empowers employees to be proactive in safeguarding company assets.

  • 26. 

    A _____________ is a characteristic of a piece of technology that can be exploited to perpetrate a security incident

    Correct Answer
    vulnerability
    Explanation
    A vulnerability refers to a characteristic or weakness in a piece of technology that can be exploited by malicious individuals or entities to carry out a security incident. It is a flaw or loophole in the system that can be taken advantage of to gain unauthorized access, cause damage, or steal information. Identifying and addressing vulnerabilities is crucial in maintaining the security and integrity of technology systems.

  • 27. 

    The assurance that data received are exactly as sent by an authorized entity is __________.

    • Authentication

    • Traffic control

    • Traffic routing

    • Traffic integrity

    Correct Answer
    A. Traffic integrity
    Explanation
    Traffic integrity refers to the assurance that data received is exactly as sent by an authorized entity. It ensures that the data has not been tampered with or altered during transmission. Authentication, traffic control, and traffic routing are not directly related to ensuring the integrity of the data.

  • 28. 

    Security implementation involves four complementary courses of action:  prevention, detection, response, and _________.

    Correct Answer
    recovery, Recovery
    Explanation
    The question is asking for the missing complementary course of action in security implementation, which is recovery. Recovery is an essential step in security implementation as it involves restoring systems and data to their normal functioning state after a security incident or breach. It focuses on recovering lost or compromised data, repairing any damage caused, and ensuring that systems are secure and operational again. Recovery is crucial to minimize the impact of security incidents and to restore normalcy in the organization's operations.

  • 29. 

    The ________ is a module on a centralized system that collects audit trail records from other systems and creates a combined audit trail

    • Audit dispatcher

    • Audit analyzer

    • Audit trail collector

    • Audit provider

    Correct Answer
    A. Audit trail collector
    Explanation
    The audit trail collector is a module on a centralized system that gathers audit trail records from various other systems and consolidates them into a single audit trail. This allows for centralized monitoring and analysis of the audit trail data, providing a comprehensive view of system activity and facilitating compliance with regulatory requirements.

  • 30. 

    _________ audit trails are generally used to monitor and optimize system performance

    • User-level

    • Physical-level

    • System-level

    • All of the above

    Correct Answer
    A. System-level
    Explanation
    System-level audit trails are generally used to monitor and optimize system performance. This is because system-level audit trails provide a comprehensive overview of all activities and events occurring within the system. By monitoring these audit trails, system administrators can identify bottlenecks, detect performance issues, and make necessary optimizations to improve the overall performance of the system. User-level and physical-level audit trails, on the other hand, focus on individual user activities and physical access to the system, respectively, and may not provide the same level of insight into system performance.

  • 31. 

    Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.

    • Availability

    • Privacy

    • System integrity

    • Data integrity

    Correct Answer
    A. Privacy
    Explanation
    Privacy refers to the assurance that individuals have control or influence over the collection, storage, and disclosure of their personal information. It ensures that individuals can determine who has access to their data and how it is used. Privacy is crucial in maintaining the confidentiality and security of personal information, protecting individuals from unauthorized access or misuse of their data. It also promotes trust and transparency between individuals and organizations handling their information.

  • 32. 

    The ________ is a module that transmits the audit trail records from its local system to the centralized audit trail collector

    • Audit dispatcher

    • Audit analyzer

    • Audit trail collector

    • None of the above

    Correct Answer
    A. Audit dispatcher
    Explanation
    The audit dispatcher is a module that is responsible for transmitting the audit trail records from its local system to the centralized audit trail collector. It acts as a mediator between the local system and the collector, ensuring that all the necessary audit trail records are sent and received accurately. The audit analyzer, on the other hand, is not involved in the transmission process but rather analyzes the collected audit trail records for further analysis and reporting. Therefore, the correct answer is audit dispatcher.

  • 33. 

    Release of message contents and traffic analysis are two types of _________ attacks.

    Correct Answer
    passive, Passive
    Explanation
    Passive attacks refer to the interception and monitoring of communication without altering or disrupting it. Release of message contents involves unauthorized access to the actual message, while traffic analysis involves analyzing patterns and metadata of the communication to gain information. Both these attacks fall under the category of passive attacks as they do not actively manipulate the communication.

  • 34. 

    A(n) ________ is inserted into a network segment so that the traffic that it is monitoring must pass through the sensor.

    • LAN sensor

    • Analysis sensor

    • Passive sensor

    • Inline sensor

    Correct Answer
    A. Inline sensor
    Explanation
    An inline sensor is inserted into a network segment to ensure that the traffic being monitored must pass through the sensor. Unlike other types of sensors, such as LAN sensors or analysis sensors, an inline sensor is specifically designed to be placed directly in the network path, allowing it to intercept and analyze all traffic passing through. This ensures comprehensive monitoring and analysis of network traffic, making it an effective tool for network security and performance monitoring. A passive sensor, on the other hand, would only listen to the traffic without actively intercepting it.

  • 35. 

    A _________ is a security event that constitutes a security incident in which an intruder gains access to a system without having authorization to do so

    • Criminal enterprise

    • Intrusion detection

    • Security intrusion

    • IDS

    Correct Answer
    A. Security intrusion
    Explanation
    A security intrusion refers to a security event where an unauthorized person gains access to a system. This unauthorized access is considered a security incident as it violates the system's authorization requirements. It is important to identify and address security intrusions promptly to prevent further damage and protect sensitive information.

  • 36. 

    __________ involves an attempt to define a set of rules or attack patterns that can be used to decide if a given behavior is that of an intruder.

    • Signature detection

    • Threshold detection

    • Anomaly detection

    • Profile based detection

    Correct Answer
    A. Signature detection
    Explanation
    Signature detection involves defining a set of rules or attack patterns that can be used to determine if a behavior is that of an intruder. This method relies on known signatures or patterns of malicious activity to identify and block potential threats. By comparing network traffic or system behavior against a database of known signatures, signature detection can effectively detect and prevent intrusions.

  • 37. 

    _______ are decoy systems that are designed to lure a potential attacker away from critical systems.

    Correct Answer
    honeypots, Honeypots
    Explanation
    Honeypots are decoy systems that are specifically created to divert potential attackers from accessing critical systems. These systems are designed to mimic real networks or applications, enticing attackers to interact with them instead of the actual valuable assets. By luring attackers to these honeypots, organizations can gather information about their tactics, techniques, and intentions, allowing them to enhance their overall security measures and protect their critical systems effectively.

  • 38. 

    Security awareness, training, and education programs can serve as a deterrent to fraud and actions by disgruntled employees by increasing employees’ knowledge of their ________ and of potential penalties

    • Regulations

    • Accountability

    • Liability

    • Incidents

    Correct Answer
    A. Accountability
    Explanation
    Security awareness, training, and education programs can serve as a deterrent to fraud and actions by disgruntled employees by increasing employees' knowledge of their accountability and of potential penalties. By understanding their responsibilities and the consequences of their actions, employees are less likely to engage in fraudulent activities or actions that could harm the organization. This knowledge creates a sense of responsibility and encourages employees to act ethically and in compliance with regulations, reducing the risk of fraud and misconduct.

  • 39. 

    Employees have no expectation of _________ in their use of company-provided e-mail or Internet access, even if the communication is personal in nature

    Correct Answer
    privacy
    Explanation
    Employees have no expectation of privacy in their use of company-provided e-mail or Internet access, even if the communication is personal in nature. This means that employees should not assume that their personal communications are private when using company resources. Employers have the right to monitor and access these communications for various reasons, such as ensuring compliance with company policies, protecting sensitive information, and preventing misuse of company resources. Therefore, employees should exercise caution and use company-provided resources responsibly and professionally.

  • 40. 

    Replay, masquerade, modification of messages, and denial of service are examples of _________ attacks.

    Correct Answer
    active, Active
    Explanation
    The given correct answer for this question is "active, Active". This is because replay, masquerade, modification of messages, and denial of service are all examples of active attacks. Active attacks involve an attacker actively interfering with the communication process, such as intercepting and altering messages, impersonating legitimate users, or disrupting the availability of a service. These attacks are characterized by the attacker's direct involvement in manipulating or disrupting the communication flow.


  • 41. 

    _________ is a document that describes the application level protocol for exchanging data between intrusion detection entities

    • RFC 4767

    • RFC 4766

    • RFC 4765

    • RFC 4764

    Correct Answer
    A. RFC 4767
    Explanation
    RFC 4767 is the correct answer because it is a document that describes the application level protocol for exchanging data between intrusion detection entities. The RFC (Request for Comments) series is a collection of documents that define various protocols, procedures, and standards for the internet. RFC 4767 specifically focuses on the protocol for exchanging data between intrusion detection entities, making it the appropriate choice for this question.


  • 42. 

    ________ can include computer viruses, Trojan horse programs, worms, exploit scripts, and toolkits

    • Artifacts

    • Vulnerabilities

    • CSIRT

    • Constituencies

    Correct Answer
    A. Artifacts
    Explanation
    The term "artifacts" refers to various types of malicious software that can harm computer systems, such as computer viruses, Trojan horse programs, worms, exploit scripts, and toolkits. These artifacts are designed to exploit vulnerabilities in computer systems and can cause significant damage if not detected and addressed promptly.


  • 43. 

    A _______ policy states that the company may access, monitor, intercept, block access, inspect, copy, disclose, use, destroy, or recover using computer forensics any data covered by this policy

    • Standard of conduct

    • Unlawful activity prohibited

    • Company rights

    • Business use only

    Correct Answer
    A. Company rights
    Explanation
    This policy states that the company has the right to access, monitor, intercept, block access, inspect, copy, disclose, use, destroy, or recover any data covered by this policy. This implies that the company has the authority to take these actions in order to enforce its rights and protect its interests regarding the data.


  • 44. 

    Windows is equipped with three types of event logs: system event log, security event log, and _________ event log.

    Correct Answer
    application
    Explanation
    Windows is equipped with three types of event logs: system event log, security event log, and application event log. The application event log is responsible for recording events related to applications running on the Windows operating system. It tracks various types of information such as application crashes, errors, warnings, and informational events. This log is useful for troubleshooting and diagnosing issues with specific applications on the system.


  • 45. 

    A(n) _________ is a threat that is carried out and, if successful, leads to an undesirable violation of security, or threat consequence.

    Correct Answer
    Attack, attack
    Explanation
    The given correct answer is "Attack, attack". An attack refers to a deliberate action taken with the intention to compromise security. It is a threat that, if successful, results in an undesirable violation of security or threat consequence. The repetition of the word "attack" in the question and answer might be a typographical error or redundancy.


  • 46. 

    ________ is the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling

    • Incident

    • Triage

    • Constituency

    • Handling

    Correct Answer
    A. Triage
    Explanation
    Triage is the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling. This term is commonly used in medical contexts, where it refers to the assessment and prioritization of patients based on the severity of their condition. However, triage can also be applied to other situations, such as emergency response or customer support, where quick decision-making and prioritization are necessary. The goal of triage is to efficiently allocate resources and attention to the most urgent or critical cases first.


  • 47. 

    A capability set up for the purpose of assisting in responding to computer security-related incidents that involve sites within a defined constituency is called a ______.

    • CIRT

    • CIRC

    • CSIRT

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    A capability set up for the purpose of assisting in responding to computer security-related incidents that involve sites within a defined constituency can be referred to by any of the terms CIRT, CIRC, or CSIRT. These terms are interchangeable and can be used to describe the same concept. Therefore, the correct answer is "all of the above" as they all represent the same capability.


  • 48. 

    With _________ the linking to shared library routines is deferred until load time so that if changes are made any program that references the library is unaffected

    • Statically linked shared libraries

    • Dynamically linked shared libraries

    • System linked shared libraries

    • All of the above

    Correct Answer
    A. Dynamically linked shared libraries
    Explanation
    Dynamically linked shared libraries allow for the linking to shared library routines to be deferred until load time. This means that any changes made to the library will not affect any program that references it. Statically linked shared libraries, on the other hand, are linked at compile time and any changes made to the library will require recompilation of the program. System linked shared libraries refer to libraries that are provided by the operating system. Therefore, the correct answer is dynamically linked shared libraries, as they provide the desired behavior of deferring linking until load time.


  • 49. 

    ___________ is UNIX’s general-purpose logging mechanism found on all UNIX variants and Linux.

    Correct Answer
    Syslog, syslog
    Explanation
    Syslog is a general-purpose logging mechanism that can be found on all UNIX variants and Linux. It is used to collect and store log messages from various sources within the system. Syslog allows administrators to centralize and manage log data, making it easier to monitor and troubleshoot system issues. The lowercase "syslog" is simply a variant of the term, referring to the specific implementation of the logging mechanism.


Quiz Review Timeline (Updated): Mar 22, 2023

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jun 22, 2015
    Quiz Created by
    Selmer