Incident Response Exam Quiz!

Approved & Edited by ProProfs Editorial Team

The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.

Learn about Our Editorial Process

| By Selmer

Selmer

Community Contributor

Quizzes Created: 1 | Total Attempts: 2,809

Questions: 96 | Attempts: 2,835 | Updated: Mar 22, 2023

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

Questions and Answers

1.

Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
- A.
  
  Availability
- B.
  
  Privacy
- C.
  
  System integrity
- D.
  
  Data integrity
Correct Answer
B. Privacy

Explanation
Privacy refers to the assurance that individuals have control or influence over the collection, storage, and disclosure of their personal information. It ensures that individuals can determine who has access to their data and how it is used. Privacy is crucial in maintaining the confidentiality and security of personal information, protecting individuals from unauthorized access or misuse of their data. It also promotes trust and transparency between individuals and organizations handling their information.

Rate this question:

1
0
2.

Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. System integrity
- A.
  
  System integrity
- B.
  
  Availability
- C.
  
  Data integrity
- D.
  
  Confidentiality
Correct Answer
A. System integrity

Explanation
System integrity refers to the assurance that a system operates as intended without any unauthorized manipulation. It ensures that the system functions smoothly and is not compromised intentionally or unintentionally. This includes protecting the system from any unauthorized access, modification, or disruption that could potentially affect its performance or compromise its intended function. System integrity is crucial for maintaining the reliability and trustworthiness of a system.

Rate this question:
3.

A loss of _________ is the unauthorized disclosure of information.
- A.
  
  Confidentiality
- B.
  
  Authenticity
- C.
  
  Integrity
- D.
  
  Availability
Correct Answer
A. Confidentiality

Explanation
Confidentiality refers to the protection of sensitive information from being accessed or disclosed to unauthorized individuals. A loss of confidentiality occurs when this information is disclosed without proper authorization. Therefore, it is the correct answer for the given question.

Rate this question:
4.

A________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.
- A.
  
  Low
- B.
  
  Moderate
- C.
  
  Normal
- D.
  
  High
Correct Answer
D. High

Explanation
A high-level breach of security refers to a situation where there is a severe or catastrophic adverse effect on organizational operations, assets, or individuals. This means that the breach has significant consequences and can cause substantial damage to the organization or individuals involved. It indicates that the breach is not minor or insignificant, but rather has a major impact on the overall functioning and well-being of the organization or individuals affected.

Rate this question:
5.

A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy is a(n) __________.
- A.
  
  Countermeasure
- B.
  
  Adversary
- C.
  
  Vulnerability
- D.
  
  Risk
Correct Answer
C. Vulnerability

Explanation
A vulnerability refers to a flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy. It represents a potential entry point for attackers to compromise the system's integrity, confidentiality, or availability. Identifying and addressing vulnerabilities is crucial in maintaining the security of a system and preventing unauthorized access or malicious activities.

Rate this question:
6.

An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.
- A.
  
  Risk
- B.
  
  Attack
- C.
  
  Asset
- D.
  
  Vulnerability
Correct Answer
B. Attack

Explanation
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is referred to as an "attack". This term is commonly used in the context of cybersecurity to describe intentional actions taken to compromise the security of a system or network. Attacks can take various forms, such as malware infections, unauthorized access attempts, or social engineering techniques, and they are aimed at exploiting vulnerabilities in order to gain unauthorized access or cause harm to the targeted system.

Rate this question:
7.

A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.
- A.
  
  Attack
- B.
  
  Adversary
- C.
  
  Countermeasure
- D.
  
  Protocol
Correct Answer
C. Countermeasure

Explanation
A countermeasure is a method or strategy that is used to reduce or prevent a threat, vulnerability, or attack. It can be an action, device, procedure, or technique that aims to eliminate or minimize the harm caused by the threat or attack. Countermeasures can also involve discovering and reporting the threat or attack so that appropriate action can be taken to address it.

Rate this question:
8.

A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources.
- A.
  
  Passive attack
- B.
  
  Outside attack
- C.
  
  Inside attack
- D.
  
  Active attack
Correct Answer
A. Passive attack

Explanation
A passive attack refers to an attempt to learn or make use of information from a system without affecting system resources. In this type of attack, the attacker does not actively alter or disrupt the system but rather observes or intercepts data. This can include activities such as eavesdropping, monitoring network traffic, or analyzing data to gain unauthorized access or obtain sensitive information. Unlike active attacks, passive attacks do not directly impact or manipulate system resources.

Rate this question:

1
0
9.

Masquerade, falsification, and repudiation are threat actions that cause __________ threat consequences.
- A.
  
  Unauthorized disclosure
- B.
  
  Disruption
- C.
  
  Deception
- D.
  
  Usurpation
Correct Answer
C. Deception

Explanation
Masquerade, falsification, and repudiation are all actions that involve tricking or misleading someone. These actions are intended to deceive or mislead others, and therefore the threat consequences associated with them would also be deception. Unauthorized disclosure refers to the unauthorized release of sensitive information, disruption refers to the interruption or interference with normal operations, and usurpation refers to the unauthorized takeover of someone else's rights or privileges. None of these accurately describe the threat consequences of masquerade, falsification, and repudiation, which is why deception is the correct answer.

Rate this question:
10.

A threat action in which sensitive data are directly released to an unauthorized entity is __________.
- A.
  
  Corruption
- B.
  
  Intrusion
- C.
  
  Disruption
- D.
  
  Exposure
Correct Answer
D. Exposure

Explanation
Exposure refers to a threat action where sensitive data is directly released to an unauthorized entity. This means that the data is made accessible to someone who should not have access to it, potentially leading to unauthorized use or disclosure. This can occur due to various factors such as weak security measures, human error, or malicious intent. It is important to prevent exposure of sensitive data to protect the privacy and security of individuals and organizations.

Rate this question:
11.

An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.
- A.
  
  Masquerade
- B.
  
  Privacy
- C.
  
  Interception
- D.
  
  Inference
Correct Answer
A. Masquerade

Explanation
The correct answer is masquerade because it refers to the act of pretending to be someone else in order to deceive or gain unauthorized access. In this context, an unauthorized user is attempting to gain access to a system by posing as an authorized user, which is a clear example of masquerade.

Rate this question:
12.

The _________ prevents or inhibits the normal use or management of communications facilities.
- A.
  
  Passive attack
- B.
  
  Denial of service
- C.
  
  Traffic encryption
- D.
  
  Masquerade
Correct Answer
B. Denial of service

Explanation
Denial of service refers to a type of cyber attack where the attacker intentionally disrupts or hinders the normal functioning of communication facilities, such as networks, servers, or websites. This can be achieved by overwhelming the target system with excessive traffic or by exploiting vulnerabilities to crash or disable the system. The objective is to prevent legitimate users from accessing or using the services provided by the targeted system.

Rate this question:
13.

A __________ is any action that compromises the security of information owned by an organization.
- A.
  
  Security mechanism
- B.
  
  Security policy
- C.
  
  Security atatck
- D.
  
  Security service
Correct Answer
C. Security atatck

Explanation
A security attack is any action that compromises the security of information owned by an organization. This can include unauthorized access, data breaches, malware infections, or any other malicious activity that puts the confidentiality, integrity, or availability of information at risk. Security attacks can be intentional or unintentional, and they can originate from both internal and external sources. It is important for organizations to have robust security measures in place to detect, prevent, and mitigate the impact of security attacks.

Rate this question:
14.

The assurance that data received are exactly as sent by an authorized entity is __________.
- A.
  
  Authentication
- B.
  
  Traffic control
- C.
  
  Traffic routing
- D.
  
  Traffic integrity
Correct Answer
D. Traffic integrity

Explanation
Traffic integrity refers to the assurance that data received is exactly as sent by an authorized entity. It ensures that the data has not been tampered with or altered during transmission. Authentication, traffic control, and traffic routing are not directly related to ensuring the integrity of the data.

Rate this question:
15.

__________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
- A.
  
  Traffic padding
- B.
  
  Traffic control
- C.
  
  Traffic routing
- D.
  
  Traffic integrity
Correct Answer
A. Traffic padding

Explanation
Traffic padding is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. By adding extra bits, the data stream becomes less predictable and harder to analyze, making it difficult for attackers or surveillance systems to gather meaningful information about the traffic. This technique helps to protect the privacy and security of the data being transmitted.

Rate this question:
16.

__________ is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources.

Correct Answer
Computer security, computer security, Computer Security

Explanation
The term "computer security" refers to the measures taken to protect an automated information system. These measures aim to achieve the objectives of preserving the integrity, availability, and confidentiality of the system's resources. By ensuring the integrity, availability, and confidentiality of information, computer security helps to safeguard against unauthorized access, data breaches, and other potential threats to the system.

Rate this question:

4
17.

Confidentiality, Integrity, and Availability form what is often referred to as the _____.

Correct Answer
CIA triad

Explanation
The question is asking for the term that refers to the concepts of Confidentiality, Integrity, and Availability. The correct answer is "CIA triad". The CIA triad is a widely recognized framework in information security that emphasizes the importance of protecting sensitive information (Confidentiality), ensuring data accuracy and trustworthiness (Integrity), and maintaining system functionality and accessibility (Availability).

Rate this question:

4
18.

A loss of _________ is the disruption of access to or use of information or an information system.

Correct Answer
availability, Availability

Explanation
A loss of availability refers to the situation where there is a disruption in accessing or using information or an information system. This means that the information or system is no longer accessible or usable, which can have negative consequences for individuals or organizations relying on it. The term "availability" is used to describe this specific type of loss in the context of information and information systems.

Rate this question:

1
4 0
19.

In the United States, student grade information is an asset whose confidentiality is regulated by the __________.

Correct Answer
FERPA , Family Educational Rights and Privacy Act, family educational rights and privacy act

Explanation
The correct answer is FERPA, which stands for the Family Educational Rights and Privacy Act. This act regulates the confidentiality of student grade information in the United States. FERPA grants certain rights to parents and students regarding their educational records and ensures that these records are protected and kept confidential.

Rate this question:

4
20.

A(n) _________ is a threat that is carried out and, if successful, leads to an undesirable violation of security, or threat consequence.

Correct Answer
Attack, attack

Explanation
The given correct answer is "Attack, attack". An attack refers to a deliberate action taken with the intention to compromise security. It is a threat that, if successful, results in an undesirable violation of security or threat consequence. The repetition of the word "attack" in the question and answer might be a typographical error or redundancy.

Rate this question:

4
21.

A(n) _________ is any means taken to deal with a security attack.

Correct Answer
countermeasure, Countermeasure

Explanation
A countermeasure refers to any action or precautionary measure taken to address a security attack. It is a proactive approach aimed at preventing or mitigating the impact of an attack. Countermeasures can include various strategies, such as implementing firewalls, encryption, or intrusion detection systems, to safeguard against potential threats. By utilizing countermeasures, organizations can enhance their security posture and minimize the risk of successful attacks.

Rate this question:

1
4 0
22.

Misappropriation and misuse are attacks that result in ________ threat consequences.

Correct Answer
usurpation, Usurpation

Explanation
Misappropriation and misuse are attacks that result in usurpation threat consequences. Usurpation refers to the act of wrongfully taking someone else's power or authority. In the context of the question, misappropriation and misuse can lead to the unauthorized acquisition or misuse of resources, privileges, or control, thereby usurping the rightful ownership or control. This can have serious consequences, such as loss of data, breach of security, or violation of rights. Therefore, the correct answer is usurpation, as it accurately describes the outcome of misappropriation and misuse attacks.

Rate this question:

4
23.

The assets of a computer system can be categorized as hardware, software, communication lines and networks, and _________.

Correct Answer
Data, data

Explanation
The assets of a computer system can be categorized as hardware, software, communication lines and networks, and data. Data is an essential asset in a computer system as it refers to the information or facts that are stored and processed by the system. It can include various types of information such as documents, files, databases, and user input. Data is crucial for the functioning of a computer system as it is used by the software to perform tasks and provide output to the users. Additionally, data can also be transmitted and shared through communication lines and networks, making it an integral part of the system's assets.

Rate this question:

4
24.

Release of message contents and traffic analysis are two types of _________ attacks.

Correct Answer
passive, Passive

Explanation
Passive attacks refer to the interception and monitoring of communication without altering or disrupting it. Release of message contents involves unauthorized access to the actual message, while traffic analysis involves analyzing patterns and metadata of the communication to gain information. Both these attacks fall under the category of passive attacks as they do not actively manipulate the communication.

Rate this question:

4
25.

Replay, masquerade, modification of messages, and denial of service are example of _________ attacks.

Correct Answer
active, Active

Explanation
The given correct answer for this question is "active, Active". This is because replay, masquerade, modification of messages, and denial of service are all examples of active attacks. Active attacks involve an attacker actively interfering with the communication process, such as intercepting and altering messages, impersonating legitimate users, or disrupting the availability of a service. These attacks are characterized by the attacker's direct involvement in manipulating or disrupting the communication flow.

Rate this question:

4
26.

Establishing, maintaining, and implementing plans for emergency response, backup operations, and post disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in emergency situations is a __________ plan.

Correct Answer
contingency, Contingency

Explanation
The correct answer is contingency. A contingency plan is a proactive strategy that organizations put in place to prepare for and respond to potential emergencies or disasters. It involves establishing, maintaining, and implementing plans for emergency response, backup operations, and post-disaster recovery to ensure the availability of critical information resources and continuity of operations in emergency situations. This plan helps organizations minimize the impact of unexpected events and ensure that they can continue their operations smoothly.

Rate this question:

4
27.

A(n) _________ assessment is periodically assessing the risk to organizational operations, organizational assets, and individuals, resulting from the operation of organizational information systems and the associated processing, storage, or transmission or organizational information.

Correct Answer
risk, Risk

Explanation
The given answer is correct because it accurately identifies that the assessment being referred to is related to the evaluation of risk. This assessment involves periodically assessing the potential risks that can affect organizational operations, assets, and individuals. These risks can arise from the operation of information systems and the associated processing, storage, or transmission of organizational information. The repetition of the word "risk" in both lowercase and uppercase emphasizes the importance and significance of this assessment in identifying and mitigating potential risks.

Rate this question:

4
28.

The OSI security architecture focuses on security attacks, __________, and services.

Correct Answer
mechanisms, Mechanisms

Explanation
The OSI security architecture is designed to address security attacks, mechanisms, and services. Mechanisms refer to the various techniques and tools used to implement security measures and protect against potential threats. These mechanisms can include encryption, authentication protocols, access control mechanisms, and more. By focusing on mechanisms, the OSI security architecture aims to provide a comprehensive framework for ensuring the security of network systems and data.

Rate this question:

4
29.

A __________ is data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.

Correct Answer
Digital signature, digital signature, Digital Signature

Explanation
A digital signature is a cryptographic transformation of a data unit that is appended to the data unit. It allows the recipient to verify the source and integrity of the data unit, ensuring that it has not been tampered with or forged. The repetition of "digital signature" in the answer may indicate the importance and emphasis on this concept in the context of data security and integrity.

Rate this question:

4
30.

Security implementation involves four complementary courses of action: prevention, detection, response, and _________.

Correct Answer
recovery, Recovery

Explanation
The question is asking for the missing complementary course of action in security implementation, which is recovery. Recovery is an essential step in security implementation as it involves restoring systems and data to their normal functioning state after a security incident or breach. It focuses on recovering lost or compromised data, repairing any damage caused, and ensuring that systems are secure and operational again. Recovery is crucial to minimize the impact of security incidents and to restore normalcy in the organization's operations.

Rate this question:

4
31.

A(n) ________ is inserted into a network segment so that the traffic that it is monitoring must pass through the sensor.
- A.
  
  LAN sensor
- B.
  
  Analysis sensor
- C.
  
  Passive sensor
- D.
  
  Inline sensor
Correct Answer
D. Inline sensor

Explanation
An inline sensor is inserted into a network segment to ensure that the traffic being monitored must pass through the sensor. Unlike other types of sensors, such as LAN sensors or analysis sensors, an inline sensor is specifically designed to be placed directly in the network path, allowing it to intercept and analyze all traffic passing through. This ensures comprehensive monitoring and analysis of network traffic, making it an effective tool for network security and performance monitoring. A passive sensor, on the other hand, would only listen to the traffic without actively intercepting it.

Rate this question:
32.

The rule _______ tells Snort what to do when it finds a packet that matches the rule criteria.
- A.
  
  Destination port
- B.
  
  Protocol
- C.
  
  Direction
- D.
  
  Action
Correct Answer
D. Action

Explanation
The "action" rule tells Snort what to do when it finds a packet that matches the rule criteria. This means that when Snort detects a packet that meets the specified conditions, it will perform the action specified in the rule. The action could be alerting the user, logging the packet, or blocking the packet, depending on the configuration.

Rate this question:
33.

__________ involves an attempt to define a set of rules or attack patterns that can be used to decide if a given behavior is that of an intruder.
- A.
  
  Signature detection
- B.
  
  Threshold detection
- C.
  
  Anomaly detection
- D.
  
  Profile based detection
Correct Answer
A. Signature detection

Explanation
Signature detection involves defining a set of rules or attack patterns that can be used to determine if a behavior is that of an intruder. This method relies on known signatures or patterns of malicious activity to identify and block potential threats. By comparing network traffic or system behavior against a database of known signatures, signature detection can effectively detect and prevent intrusions.

Rate this question:
34.

A _________ is a security event that constitutes a security incident in which an intruder gains access to a system without having authorization to do so
- A.
  
  Criminal enterprise
- B.
  
  Intrusion detection
- C.
  
  Security intrusion
- D.
  
  IDS
Correct Answer
C. Security intrusion

Explanation
A security intrusion refers to a security event where an unauthorized person gains access to a system. This unauthorized access is considered a security incident as it violates the system's authorization requirements. It is important to identify and address security intrusions promptly to prevent further damage and protect sensitive information.

Rate this question:
35.

_________ is a document that describes the application level protocol for exchanging data between intrusion detection entities
- A.
  
  RFC 4767
- B.
  
  RFC 4766
- C.
  
  RFC 4765
- D.
  
  RFC 4764
Correct Answer
A. RFC 4767

Explanation
RFC 4767 is the correct answer because it is a document that describes the application level protocol for exchanging data between intrusion detection entities. The RFC (Request for Comments) series is a collection of documents that define various protocols, procedures, and standards for the internet. RFC 4767 specifically focuses on the protocol for exchanging data between intrusion detection entities, making it the appropriate choice for this question.

Rate this question:
36.

_______are decoy systems that are designed to lure a potential attacker away from critical systems.

Correct Answer
honeypots, Honeypots

Explanation
Honeypots are decoy systems that are specifically created to divert potential attackers from accessing critical systems. These systems are designed to mimic real networks or applications, enticing attackers to interact with them instead of the actual valuable assets. By luring attackers to these honeypots, organizations can gather information about their tactics, techniques, and intentions, allowing them to enhance their overall security measures and protect their critical systems effectively.

Rate this question:

4
37.
1. The ____________ is the predefined formally documented statement that defines what activities are allowed to take place on an organization’s network or on particular hosts to support the organization’s requirements.
Correct Answer
security policy , Security Policy

Explanation
A security policy is a predefined formally documented statement that defines what activities are allowed to take place on an organization's network or on particular hosts to support the organization's requirements. It outlines the rules, regulations, and guidelines that govern the use of the network and the protection of sensitive information. The security policy helps to ensure that the organization's resources are used appropriately and that security measures are in place to protect against unauthorized access and potential threats.

Rate this question:

4
38.

______ is a benefit of security awareness, training, and education programs to organizations.
- A.
  
  Improving employee behavior
- B.
  
  Increasing the ability to hold employees accountable for their actions
- C.
  
  Mitigating liability of the organization for an employee’s behavior
- D.
  
  All of the above
Correct Answer
D. All of the above

Explanation
Security awareness, training, and education programs provide several benefits to organizations. Firstly, they help in improving employee behavior by educating them about potential security risks and teaching them how to identify and respond to such threats. Secondly, these programs increase the organization's ability to hold employees accountable for their actions by establishing clear guidelines and consequences for security breaches. Lastly, these programs also help in mitigating the liability of the organization for an employee's behavior by demonstrating that necessary measures were taken to educate and train employees on security protocols. Therefore, all of the given options are correct benefits of security awareness, training, and education programs.

Rate this question:
39.

Security awareness, training, and education programs can serve as a deterrent to fraud and actions by disgruntled employees by increasing employees’ knowledge of their ________ and of potential penalties
- A.
  
  Regulations
- B.
  
  Accountability
- C.
  
  Liability
- D.
  
  Incidents
Correct Answer
B. Accountability

Explanation
Security awareness, training, and education programs can serve as a deterrent to fraud and actions by disgruntled employees by increasing employees' knowledge of their accountability and of potential penalties. By understanding their responsibilities and the consequences of their actions, employees are less likely to engage in fraudulent activities or actions that could harm the organization. This knowledge creates a sense of responsibility and encourages employees to act ethically and in compliance with regulations, reducing the risk of fraud and misconduct.

Rate this question:
40.

The _______ category is a transitional stage between awareness and training
- A.
  
  Roles and responsibilities relative to IT systems
- B.
  
  Security basics and literacy
- C.
  
  Education and experience
- D.
  
  Security awareness
Correct Answer
B. Security basics and literacy

Explanation
The security basics and literacy category refers to the stage where individuals have a basic understanding of security concepts and are familiar with the necessary skills and knowledge required to protect IT systems. This stage acts as a bridge between awareness and training, as individuals in this category have a foundation of security awareness but still need further education and experience to fully develop their skills.

Rate this question:

1
0
41.

________ is explicitly required for all employees
- A.
  
  Security awareness
- B.
  
  Education and experience
- C.
  
  Security basics and literacy
- D.
  
  Roles and responsibilities relative to IT systems
Correct Answer
A. Security awareness

Explanation
Security awareness is explicitly required for all employees because it ensures that they have the knowledge and understanding of potential security risks and threats. By being aware of security best practices, employees can actively contribute to maintaining a secure work environment and protecting sensitive information. This includes being aware of common attack vectors, understanding the importance of strong passwords, being cautious of phishing attempts, and knowing how to report any suspicious activities. Security awareness helps to create a culture of security within an organization and empowers employees to be proactive in safeguarding company assets.

Rate this question:
42.

The _________ level focuses on developing the ability and vision to perform complex, multidisciplinary activities and the skills needed to further the IT security profession and to keep pace with threat and technology changes
- A.
  
  Security basics and literacy
- B.
  
  Roles and responsibilities relative to IT systems
- C.
  
  Education and experience
- D.
  
  Security awareness
Correct Answer
C. Education and experience

Explanation
The education and experience level focuses on developing the ability and vision to perform complex, multidisciplinary activities and the skills needed to further the IT security profession and to keep pace with threat and technology changes. This level emphasizes the importance of acquiring knowledge through formal education and gaining practical experience in the field of IT security. It recognizes that a combination of theoretical understanding and hands-on practice is essential for professionals to excel in their roles and responsibilities and effectively address the evolving challenges in the industry.

Rate this question:
43.

_______ are ways for an awareness program to promote the security message to employees
- A.
  
  Posters
- B.
  
  Newsletters
- C.
  
  Workshops and training sessions
- D.
  
  All of the above
Correct Answer
D. All of the above

Explanation
Posters, newsletters, and workshops and training sessions are all effective ways for an awareness program to promote the security message to employees. Posters can be displayed in common areas to catch employees' attention and remind them of important security practices. Newsletters can be distributed regularly to provide updates, tips, and reminders about security measures. Workshops and training sessions allow for more interactive and in-depth learning experiences, where employees can actively participate and ask questions. By utilizing all of these methods, the awareness program can effectively reach and engage employees, ensuring that the security message is effectively communicated and understood.

Rate this question:
44.

____ need training on the development of risk management goals, means of measurement, and the need to lead by example in the area of security awareness
- A.
  
  Executives
- B.
  
  Analysts
- C.
  
  Managers
- D.
  
  Trainers
Correct Answer
A. Executives

Explanation
Executives need training on the development of risk management goals, means of measurement, and the need to lead by example in the area of security awareness. This is because executives play a crucial role in setting the direction and priorities of an organization. They need to understand the importance of risk management and be able to develop effective goals and metrics to measure the success of security initiatives. Additionally, executives need to lead by example and demonstrate a strong commitment to security awareness in order to foster a culture of security within the organization.

Rate this question:
45.

From a security point of view, which of the following actions should be done upon the termination of an employee?
- A.
  
  Remove the person’s name from all lists of authorized access
- B.
  
  Recover all assets, including employee ID, disks, documents and equipment
- C.
  
  Remove all personal access codes
- D.
  
  All of the above
Correct Answer
D. All of the above

Explanation
Upon the termination of an employee, it is important from a security point of view to take all of the mentioned actions. Removing the person's name from all lists of authorized access ensures that they no longer have any privileges or permissions within the organization's systems. Recovering all assets, including employee ID, disks, documents, and equipment, helps to prevent any unauthorized use or access to sensitive information. Removing all personal access codes ensures that the former employee cannot use their credentials to gain entry into any systems or networks. Taking all of these actions collectively helps to mitigate security risks and protect the organization's assets and information.

Rate this question:

1
0
46.

________ is the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling
- A.
  
  Incident
- B.
  
  Triage
- C.
  
  Constituency
- D.
  
  Handling
Correct Answer
B. Triage

Explanation
Triage is the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling. This term is commonly used in medical contexts, where it refers to the assessment and prioritization of patients based on the severity of their condition. However, triage can also be applied to other situations, such as emergency response or customer support, where quick decision-making and prioritization are necessary. The goal of triage is to efficiently allocate resources and attention to the most urgent or critical cases first.

Rate this question:
47.

CERT stands for ___________.
- A.
  
  Computer Error Response Team
- B.
  
  Compliance Error Repair Technology
- C.
  
  Computer Emergency Response Team
- D.
  
  Compliance Emergency Response Technology
Correct Answer
C. Computer Emergency Response Team

Explanation
CERT stands for Computer Emergency Response Team. This team is responsible for responding to and handling computer security incidents and emergencies. They work to prevent, detect, and respond to cyber threats and vulnerabilities. The term "emergency" implies the urgency and critical nature of their work, as they are tasked with quickly addressing and mitigating any potential risks or damages caused by cyber attacks or other security incidents.

Rate this question:
48.

________ can include computer viruses, Trojan horse programs, worms, exploit scripts, and toolkits
- A.
  
  Artifacts
- B.
  
  Vulnerabilities
- C.
  
  CSIRT
- D.
  
  Constituencies
Correct Answer
A. Artifacts

Explanation
The term "artifacts" refers to various types of malicious software that can harm computer systems, such as computer viruses, Trojan horse programs, worms, exploit scripts, and toolkits. These artifacts are designed to exploit vulnerabilities in computer systems and can cause significant damage if not detected and addressed promptly.

Rate this question:
49.

A capability set up for the purpose of assisting in responding to computer security-related incidents that involve sites within a defined constituency is called a ______.
- A.
  
  CIRT
- B.
  
  CIRC
- C.
  
  CSIRT
- D.
  
  All of the above
Correct Answer
D. All of the above

Explanation
A capability set up for the purpose of assisting in responding to computer security-related incidents that involve sites within a defined constituency can be referred to by any of the terms CIRT, CIRC, or CSIRT. These terms are interchangeable and can be used to describe the same concept. Therefore, the correct answer is "all of the above" as they all represent the same capability.

Rate this question:
50.

___________ scan critical system files, directories, and services to ensure they have not been changed without proper authorization
- A.
  
  Intrusion prevention systems
- B.
  
  System integrity verification tools
- C.
  
  Log analysis tools
- D.
  
  Network and host intrusion detection systems
Correct Answer
B. System integrity verification tools

Explanation
System integrity verification tools are designed to scan critical system files, directories, and services to ensure that they have not been changed without proper authorization. These tools help to detect any unauthorized modifications or tampering with the system, which could indicate a potential security breach or compromise. By regularly scanning and verifying the integrity of these system components, organizations can ensure the overall security and stability of their systems.

Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 22, 2023

Quiz Edited by
ProProfs Editorial Team
Jun 22, 2015

Quiz Created by
Selmer

Featured Quizzes

Can You Guess These Asian's Nationality? Can You Guess These Asian's Nationality?

Which FNAF Character Are You? Which FNAF Character Are You?

POTS Syndrome Quiz - Do You Have POTS? POTS Syndrome Quiz - Do You Have POTS?

BTS Quiz: Who Is Your BTS Soulmate? BTS Quiz: Who Is Your BTS Soulmate?

Which Premier League Team Should I Support? Which Premier League Team Should I Support?

Which Movie Character Are You? Which Movie Character Are You?

Back to top

Incident Response Exam Quiz!

Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.

Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. System integrity

A loss of _________ is the unauthorized disclosure of information.

A________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy is a(n) __________.

An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.

A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.

A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources.

Masquerade, falsification, and repudiation are threat actions that cause __________ threat consequences.

A threat action in which sensitive data are directly released to an unauthorized entity is __________.

An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.

The _________ prevents or inhibits the normal use or management of communications facilities.

A __________ is any action that compromises the security of information owned by an organization.

The assurance that data received are exactly as sent by an authorized entity is __________.

__________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

__________ is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources.

Confidentiality, Integrity, and Availability form what is often referred to as the _____.

A loss of _________ is the disruption of access to or use of information or an information system.

In the United States, student grade information is an asset whose confidentiality is regulated by the __________.

A(n) _________ is a threat that is carried out and, if successful, leads to an undesirable violation of security, or threat consequence.

A(n) _________ is any means taken to deal with a security attack.

Misappropriation and misuse are attacks that result in ________ threat consequences.

The assets of a computer system can be categorized as hardware, software, communication lines and networks, and _________.

Release of message contents and traffic analysis are two types of _________ attacks.

Replay, masquerade, modification of messages, and denial of service are example of _________ attacks.

Establishing, maintaining, and implementing plans for emergency response, backup operations, and post disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in emergency situations is a __________ plan.

A(n) _________ assessment is periodically assessing the risk to organizational operations, organizational assets, and individuals, resulting from the operation of organizational information systems and the associated processing, storage, or transmission or organizational information.

The OSI security architecture focuses on security attacks, __________, and services.

A __________ is data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.

Security implementation involves four complementary courses of action: prevention, detection, response, and _________.

A(n) ________ is inserted into a network segment so that the traffic that it is monitoring must pass through the sensor.

The rule _______ tells Snort what to do when it finds a packet that matches the rule criteria.

__________ involves an attempt to define a set of rules or attack patterns that can be used to decide if a given behavior is that of an intruder.

A _________ is a security event that constitutes a security incident in which an intruder gains access to a system without having authorization to do so

_________ is a document that describes the application level protocol for exchanging data between intrusion detection entities

_______are decoy systems that are designed to lure a potential attacker away from critical systems.

The ____________ is the predefined formally documented statement that defines what activities are allowed to take place on an organization’s network or on particular hosts to support the organization’s requirements.

______ is a benefit of security awareness, training, and education programs to organizations.

Security awareness, training, and education programs can serve as a deterrent to fraud and actions by disgruntled employees by increasing employees’ knowledge of their ________ and of potential penalties

The _______ category is a transitional stage between awareness and training

________ is explicitly required for all employees

The _________ level focuses on developing the ability and vision to perform complex, multidisciplinary activities and the skills needed to further the IT security profession and to keep pace with threat and technology changes

_______ are ways for an awareness program to promote the security message to employees

____ need training on the development of risk management goals, means of measurement, and the need to lead by example in the area of security awareness

From a security point of view, which of the following actions should be done upon the termination of an employee?

________ is the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling

CERT stands for ___________.

________ can include computer viruses, Trojan horse programs, worms, exploit scripts, and toolkits

A capability set up for the purpose of assisting in responding to computer security-related incidents that involve sites within a defined constituency is called a ______.

___________ scan critical system files, directories, and services to ensure they have not been changed without proper authorization