Security Incident Response (SIR)

c - ✔✔Which one of these 5 is not one of the steps in the Incident Response Lifecycle?
a. Preparation
b. Detection & Analysis
c. Analysis & Recovery
d. Containment, Eradication, & Recovery
e. Post Incident Activity

a - ✔✔Which Incident Response Lifecycle phase is used to make sure the customer organization is appropriately trained with tools necessary to detect/respond to security incidents? Customers must define their business requirements for the implementation.
a. Preparation
b. Detection & Analysis
c. Containment, Eradication, & Recovery
d. Post Incident Activity

b - ✔✔Which Incident Response Lifecycle phase encompasses detection from tools such as firewalls, IDS, email logs, etc.?
a. Preparation
b. Detection & Analysis
c. Containment, Eradication, & Recovery
d. Post Incident Activity

b - ✔✔Which Incident Response Lifecycle phase is mainly a manual process (security analysts working the incident)?
a. Preparation
b. Detection & Analysis
c. Containment, Eradication, & Recovery
d. Post Incident Activity

c - ✔✔Containment as soon as possible, by reducing the time required for security analysts to respond by getting the right information in front of the right eyes at the right time, is the goal of what?
a. Threat Intelligence
b. Vulnerability Response
c. Security Incident Response
d. Request Fulfillment

d - ✔✔Which of the following are part of Security Incident Response:
a. Collating and enriching incident information
b. Investigation and analysis
c. Identifying which incidents require urgent attention
d. All of the above

True - ✔✔(True or False) Security Incident Response objectives are to increase the speed of:
1. Detection
2. Containment
3. Resolution

d - ✔✔Which of the following are Security Incident Response objectives:
a. Detection
b. Containment
c. Resolution
d. All of the above

a - ✔✔Which SIR Maturity Model includes the following:
1. Spreadsheets
2. Limited visibility
3. Long response times
a. Level 0: Manual Operations
b. Level 1: Basic Operations
c. Level 2: Automated Investigations
d. Level 3: Orchestrated Remediation

b - ✔✔Which SIR Maturity Model includes the following:
1. Automated incident creation
2. Automation prioritization and assignment
3. Single system of record
4. Improved visibility
a. Level 0: Manual Operations
b. Level 1: Basic Operations
c. Level 2: Automated Investigations
d. Level 3: Orchestrated Remediation

c - ✔✔Which SIR Maturity Model includes the following:
1. Threat intelligence correlation
2. Automated incident enrichment
3. Workflow driven consistent processes
4. Automated response
5. Better decision making
a. Level 0: Manual Operations
b. Level 1: Basic Operations
c. Level 2: Automated Investigations
d. Level 3: Orchestrated Remediation

d - ✔✔Which SIR Maturity Model includes the follow
About the document
Uploaded on: Aug 26, 2022
Number of pages: 21