Computer Security Incidents Quiz Questions

15 Questions | By Charlesss | Updated: Jul 24, 2022 | Attempts: 7247

Questions

Settings

Computer Security Incidents Quiz Questions - Quiz

Do you know about computer security incidents? Check out these quiz questions and answers based on computer security incidents and test your knowledge about the same. Any compromise with the confidentiality, integrity, or availability of an organization's information system is defined as a cybersecurity incident or information security incident. Do you know how to stop the theft of information security? Take up the quiz below and review your understanding of different types of computer security incidents. Good luck!

Questions and Answers

1.

Which of the following is true about a computer security incident?
- A.
  
  A computer security incident is a threat to policies that are related to computer security.
- B.
  
  Threats or violations can be identified by unauthorized access to a system.
- C.
  
  A security incident is a warning that there may be a threat to information or computer security. The warning could also be that a threat has already occurred.
- D.
  
  None of the above
2.

Which of the following are the types of computer security incidents?
- A.
  
  Malicious code attack
- B.
  
  Unauthorized access
- C.
  
  Fraud and theft
- D.
  
  All of these points
3.

Accurately ___ and ___ incidents are the most challenging and essential parts of the incident response process.
- A.
  
  Transferring / analyzing
- B.
  
  Detecting / assessing
- C.
  
  Mitigating / analyzing
- D.
  
  All of these options.
- E.
  
  Mitigating / analyzing AND Transferring / analyzing are correct.
4.

Which of the following is a security incident indication?
- A.
  
  A system alarm, or similar indication from an intrusion detection
- B.
  
  DoS attack, or users not able to log into an account
- C.
  
  System crashes, or poor system performance
- D.
  
  Attempt to logon to a new user account
- E.
  
  All of these points
5.

Based on incident prioritization, which one of the following incidents should have first priority (Priority 1)?
- A.
  
  GatorLink account compromised and being used to send spam.
- B.
  
  Multifunction printer/fax/scanner servicing a department stops functioning.
- C.
  
  MyUFL is down; hacking/compromise of critical UF system leading to service unavailability/disclosure of restricted data.
- D.
  
  ELearning is down but during spring break; AP Pay cycle will not run during the beginning of a pay period.
- E.
  
  Videoconferencing via Polycom is unavailable for a specific conference.
6.

Which of the following is correct about incident response?
- A.
  
  The goal of an incident response plan is to handle the situation in a way that limits damage and reduces recovery time and costs.
- B.
  
  An incident response plan includes a policy that defines, in specific terms, what constitutes an incident and provides a step-by-step process that should be followed when an incident occurs.
- C.
  
  Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident).
- D.
  
  All of these points
7.

Incident handling includes which of the following three functions?
- A.
  
  Incident reporting, response, virtualization
- B.
  
  Incident reporting, analysis, response
- C.
  
  Incident analysis, response, virtualization
- D.
  
  Incident reporting, analysis, virtualization
8.

Which one of the following functions is correctly defined below?
- A.
  
  Incident reporting begins once information is known about the events of the incident.
- B.
  
  Incident response includes receiving reports or indications that an event is occurring or has occurred.
- C.
  
  Incident analysis is the examination of available information, evidence or artifacts related to an event.
- D.
  
  None of these options are correct.
9.

Incidents should be reported to ___?
- A.
  
  The CERT Coordination Center
- B.
  
  User
- C.
  
  Attacker
- D.
  
  Clients
10.

The incident reporting function enables a CSIRT to serve as a central point of contact for reporting local problems.
- A.
  
  True
- B.
  
  False
11.

Having a central point of contact allows all incident reports and activity to be collected in one location where information can be reviewed and correlated across the parent organization or constituency.
- A.
  
  True
- B.
  
  False
12.

The collected information about the incident is irrelevant to be used to determine trends and patterns of intruder activity and recommend corresponding preventative strategies for the whole constituency.
- A.
  
  True
- B.
  
  False
13.

Which of the following is correct about a computer incident response team
- A.
  
  A group that handles events involving computer security breaches. Although most organizations have measures in place to prevent security problems, such events may still occur unexpectedly and must be handled efficiently by this group’s experts, which include team members from specified departments and specialties.
- B.
  
  A nonprofit professional organization made up of member incident response teams. It brings together a large number of incident response teams that span a wide spectrum of public resource, internal, vendor, and commercial teams.
- C.
  
  A concrete organizational entity (i.e., one or more staff) that is assigned the responsibility of providing part of the incident management capability for a particular organization.
- D.
  
  All of these points
14.

Which of the following is the coordination center of the computer emergency response team (CERT) for the software engineering institute (SEI), a non-profit united states federally funded research and development center. It researches software bugs that impact software and internet security, publishes research and information on its findings, and works with business and government to improve security of software and the internet as a whole.
- A.
  
  Computer Emergency Response Team (CERT)
- B.
  
  Forum for Incident Response and Security Teams (FIRST)
- C.
  
  CERT Coordination Center (CERT/CC)
- D.
  
  Computer Incident Response Team (CIRT)
15.

Information Analysis Infrastructure Protection (IAIP) is a nonprofit organization that provides a central resource for gathering information on cyber threats to critical infrastructure and providing two-way sharing of information between the private and public sectors.
- A.
  
  True
- B.
  
  False