Gathering information about an incident

Reference no: EM131559383

Q1. Much of the work that is involved in gathering information about an incident is done through the use of ____.

a. manual tools

b. automated tools

c. monitoring

d. system tools

Q2. In the case of a(n) ____ incident, the aim of incident response management is to ensure that the nature of the incident is understood in as timely a fashion as possible, and that the best possible response is deployed.

a. expected

b. possible

c. unforeseen

d. probable

Q3. Since the zero-knowledge test is the closest to mimicking real life, ____ testing is a particularly effective method to test the incident identification and response procedures of a target function.

a. blind

b. double-blind

c. open

d. closed

Q4. Incidents can range from user errors and power disruptions to malicious activity.

a. True

b. False

Q5. The goal of ____ is to distinguish the presence of a security violation, an attempt to exploit a security flaw, or even the existence of an inadvertent breakdown in security functioning.

a. incident identification

b. risk management

c. threat identification

d. vulnerability identification

Q6. The general incident response process encompasses a set of logical monitoring, analysis, and response activities.

a. True

b. False

Q7. Effective incident reporting relies on the presence of a well-established ____ function.

a. recording

b. controlling

c. monitoring

d. responding

Q8. The key to success in continuity is ____.

a. standardization

b. preparation

c. planning

d. operation

Q9. ____ is an operational process that is carried out to ensure the continuing effectiveness of continuity plans.

a. Recovery analysis

b. Threat analysis

c. Business impact analysis

d. Risk analysis

Q10. ____ is meant to ensure a disciplined recovery from a specific disaster.

a. Emergency planning

b. Disaster planning

c. Continuity planning

d. Recovery planning

Q11. ____ have a considerable economic advantage over other recovery approaches because they only require a hardware and software environment compatible with the live site.

a. Warmsites

b. Hotsites

c. Fullsites

d. Coldsites

Q12. The goal of enterprise continuity management is to develop and then oversee a process to ensure that the critical elements of the organization's information and information processing function survive in the event of a disaster or other adverse event.

a. True

b. False

Q13. The next step down from total redundancy is the ____.

a. Data Recovery Hotsite

b. Data Recovery Coldsite

c. Data Recovery Warmsite

d. Data Recovery Offsite

Q14. In the world of business, the most common model for access control is ____.

a. RBAC

b. MAC

c. DAC

d. TAC

Q15. Detecting intrusions and other violations of the integrity of the system is one of the primary operational duties of anybody managing the data security process.

a. True

b. False

Q16. In a ____ system, the subject's access permissions are assigned based on the security attributes that they possess and the rules that have been established for those attributes.

a. mandatory access control

b. role-based access control

c. discretionary access control

d. delegated access control

Q17. The data security management function is geared around ____ creation and enforcement.

a. procedure

b. policy

c. standard

d. resource

Q18. In simple terms, cryptography involves a(n) ____ algorithm.

a. conversion

b. diversion

c. communication

d. encryption

Q19. ____ incidents include such things as pre-attack probes, unauthorized access attempts, or structural vulnerabilities.

a. Potential

b. Actual

c. Reference

d. Auditable

Q20. The ____ sets a specific period of time to retain each record type, after which that particular record is erased from the system or archived in places that are difficult to access.

a. data access policy

b. data security policy

c. data retention policy

d. data loss policy

Q21. ____ is highly detail-oriented and requires a roadmap of policies and procedures that is designed to ensure maximum compliance with a wide range of rules and regulations.

a. Chain of evidence

b. Chain of ownership

c. Chain of custody

d. Chain of use

Q22. ____ consists of the protocols for the analysis of data.

a. Forensic analysis

b. System analysis

c. Threat analysis

d. Risk analysis

Q23. Ensuring legally correct evidence in digital forensics is a tricky proposition, because it relies on the proper use of ____.

a. tools

b. search warrants

c. legal instruments

d. authority

Q24. The aspect that distinguishes digital forensics from the general forensics investigative process is the ____.

a. chain of evidence

b. nature of the evidence

c. due cause

d. chain of value

Q25. The aim of the digital forensics process is to ensure that the procedures used to gather the facts are explicitly trustworthy.

a. True

b. False


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd