Computer Security Incidents Quiz Questions

Information Security

Cybersecurity

ISO/IEC 27001

NIST SP 800-53

Reviewed by Editorial Team

The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.

Learn about Our Editorial Process

| By Charlesss

Charlesss

Community Contributor

Quizzes Created: 1 | Total Attempts: 8,799

| Attempts: 8,799 | Questions: 15

Share on Facebook Share on Twitter Share on Whatsapp Share on Pinterest Share on Email Copy to Clipboard Embed on your website

Question 1 / 15

0 %

0/100

Score 0/100

1. The incident reporting function enables a CSIRT to serve as a central point of contact for reporting local problems.

True

False

The incident reporting function allows a CSIRT (Computer Security Incident Response Team) to act as a central point of contact for reporting local problems. This means that individuals or organizations experiencing security incidents or problems can report them to the CSIRT, who will then coordinate and handle the response. By serving as a central point of contact, the CSIRT can efficiently gather information, assess the situation, and provide appropriate assistance or guidance to address the reported problems.

Explanation

Submit

About This Quiz

Computer Security Incidents Quiz Questions - Quiz

Do you know about computer security incidents? Check out these quiz questions and answers based on computer security incidents and test your knowledge about the same. Any compromise with the confidentiality, integrity, or availability of an organization's information system is defined as a cybersecurity incident or information security incident. Do... see moreyou know how to stop the theft of information security? Take up the quiz below and review your understanding of different types of computer security incidents. Good luck! see less

What's your name? Personalize your quiz and earn a certificate with your name on it!

2. Having a central point of contact allows all incident reports and activity to be collected in one location where information can be reviewed and correlated across the parent organization or constituency.

True

False

Having a central point of contact allows for efficient and effective management of incident reports and activity. By collecting all information in one location, it becomes easier to review and analyze the data, identify patterns or trends, and make informed decisions. This centralized approach also enables better coordination and communication across different departments or entities within the parent organization or constituency. Overall, having a central point of contact enhances the organization's ability to respond promptly and appropriately to incidents and fosters a more streamlined and cohesive incident management process.

Explanation

Submit

3. Which of the following are the types of computer security incidents?

Malicious code attack

Unauthorized access

Fraud and theft

All of these points

Malicious code attacks, fraud and theft, and unauthorized access are all types of computer security incidents.

Explanation

Malicious code attacks, fraud and theft, and unauthorized access are all types of computer security incidents.

Submit

4. Incidents should be reported to ___?

The CERT Coordination Center

User

Attacker

Clients

Incidents should be reported to the CERT Coordination Center.

Explanation

Incidents should be reported to the CERT Coordination Center.

Submit

5. Incident handling includes which of the following three functions?

Incident reporting, response, virtualization

Incident reporting, analysis, response

Incident analysis, response, virtualization

Incident reporting, analysis, virtualization

Incident handling includes incident reporting, analysis, and response.

Explanation

Incident handling includes incident reporting, analysis, and response.

Submit

6. Based on incident prioritization, which one of the following incidents should have first priority (Priority 1)?

GatorLink account compromised and being used to send spam.

Multifunction printer/fax/scanner servicing a department stops functioning.

MyUFL is down; hacking/compromise of critical UF system leading to service unavailability/disclosure of restricted data.

ELearning is down but during spring break; AP Pay cycle will not run during the beginning of a pay period.

Videoconferencing via Polycom is unavailable for a specific conference.

The incident involving MyUFL being down due to hacking/compromise of a critical UF system is given first priority because it not only leads to service unavailability but also poses a risk of disclosure of restricted data. This incident has the potential to cause significant damage and compromise the security of the system and the data it contains. Therefore, it requires immediate attention and resolution to minimize the impact on the organization.

Explanation

Submit

7. Which of the following is correct about incident response?

The goal of an incident response plan is to handle the situation in a way that limits damage and reduces... The goal of an incident response plan is to handle the situation in a way that limits damage and reduces recovery time and costs.

An incident response plan includes a policy that defines, in specific terms, what constitutes an incident and provides a step-by-step... An incident response plan includes a policy that defines, in specific terms, what constitutes an incident and provides a step-by-step process that should be followed when an incident occurs.

Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack (also known... Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident).

All of these points

All of these are correct about incident response, including: Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident).

Explanation

Submit

8. The collected information about the incident is irrelevant to be used to determine trends and patterns of intruder activity and recommend corresponding preventative strategies for the whole constituency.

True

False

The statement is suggesting that the collected information about the incident is relevant for determining trends and patterns of intruder activity and recommending corresponding preventative strategies for the whole constituency. Therefore, the correct answer is False.

Explanation

Submit

9. Accurately ___ and ___ incidents are the most challenging and essential parts of the incident response process.

Transferring / analyzing

Detecting / assessing

Mitigating / analyzing

All of these options.

Mitigating / analyzing AND Transferring / analyzing are correct.

Accurately detecting and assessing incidents are the most challenging and essential parts of the incident response process.

Explanation

Accurately detecting and assessing incidents are the most challenging and essential parts of the incident response process.

Submit

10. Which of the following is correct about a computer incident response team

A group that handles events involving computer security breaches. Although most organizations have measures in place to prevent security problems,... A group that handles events involving computer security breaches. Although most organizations have measures in place to prevent security problems, such events may still occur unexpectedly and must be handled efficiently by this group’s experts, which include team members from specified departments and specialties.

A nonprofit professional organization made up of member incident response teams. It brings together a large number of incident response... A nonprofit professional organization made up of member incident response teams. It brings together a large number of incident response teams that span a wide spectrum of public resource, internal, vendor, and commercial teams.

A concrete organizational entity (i.e., one or more staff) that is assigned the responsibility of providing part of the incident... A concrete organizational entity (i.e., one or more staff) that is assigned the responsibility of providing part of the incident management capability for a particular organization.

All of these points

The correct answer is "All of these points" because all three statements accurately describe a computer incident response team. The first statement explains that the team handles events involving computer security breaches, which is a key responsibility of such a team. The second statement describes a nonprofit professional organization that brings together multiple incident response teams, which is another way to define a computer incident response team. The third statement defines a computer incident response team as a concrete organizational entity responsible for providing incident management capability. Therefore, all of these points are correct about a computer incident response team.

Explanation

Submit

11. Which of the following is true about a computer security incident?

A computer security incident is a threat to policies that are related to computer security.

Threats or violations can be identified by unauthorized access to a system.

A security incident is a warning that there may be a threat to information or computer security. The warning could... A security incident is a warning that there may be a threat to information or computer security. The warning could also be that a threat has already occurred.

None of the above

A computer security incident refers to a situation where there is a potential or actual threat to the security of information or computer systems. It serves as a warning that there may be a threat to the confidentiality, integrity, or availability of data or computer resources. This warning could indicate that a threat is imminent or that a threat has already taken place. Unauthorized access to a system is one way to identify such threats or violations. Therefore, the statement "A security incident is a warning that there may be a threat to information or computer security. The warning could also be that a threat has already occurred" accurately describes a computer security incident.

Explanation

Submit

12. Which one of the following functions is correctly defined below?

Incident reporting begins once information is known about the events of the incident.

Incident response includes receiving reports or indications that an event is occurring or has occurred.

Incident analysis is the examination of available information, evidence or artifacts related to an event.

None of these options are correct.

Incident analysis is the examination of available information, evidence or artifacts related to an event.

Explanation

Incident analysis is the examination of available information, evidence or artifacts related to an event.

Submit

13. Which of the following is the coordination center of the computer emergency response team (CERT) for the software engineering institute (SEI), a non-profit united states federally funded research and development center. It researches software bugs that impact software and internet security, publishes research and information on its findings, and works with business and government to improve security of software and the internet as a whole.

Computer Emergency Response Team (CERT)

Forum for Incident Response and Security Teams (FIRST)

CERT Coordination Center (CERT/CC)

Computer Incident Response Team (CIRT)

The correct answer is CERT Coordination Center (CERT/CC). The CERT Coordination Center is the coordination center of the computer emergency response team (CERT) for the software engineering institute (SEI). It is a non-profit United States federally funded research and development center that focuses on researching software bugs that impact software and internet security. It also publishes research and information on its findings and works with business and government to improve the security of software and the internet as a whole.

Explanation

Submit

14. Which of the following is a security incident indication?

A system alarm, or similar indication from an intrusion detection

DoS attack, or users not able to log into an account

System crashes, or poor system performance

Attempt to logon to a new user account

All of these points

All of these are security incident indications.

Explanation

All of these are security incident indications.

Submit

15. Information Analysis Infrastructure Protection (IAIP) is a nonprofit organization that provides a central resource for gathering information on cyber threats to critical infrastructure and providing two-way sharing of information between the private and public sectors.

True

False

The given statement is false. Information Analysis Infrastructure Protection (IAIP) is not a nonprofit organization that provides a central resource for gathering information on cyber threats to critical infrastructure and providing two-way sharing of information between the private and public sectors.

Explanation

Submit

View My Results

Quiz Review Timeline (Updated): Jul 24, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.