11. What application monitors system activity, then produces alerts about possible intrusions?

  • Intrusion detection system
  • Playbook
  • Product manual
  • Word processor

12. What actions does an intrusion prevention system (IPS) perform? Select three answers.

  • Detect abnormal activity
  • Stop intrusive activity
  • Monitor activity
  • Manage security incidents

Weekly challenge 1

13. Which of the following is an example of a security incident?

  • Multiple unauthorized transfers of sensitive documents to an external system.
  • A company experiences increased traffic volumes on their website because of a new product release.
  • An extreme weather event causes a network outage.
  • An authorized user emails a file to a customer.

14. What is the NIST Incident Response Lifecycle?

  • The method of closing an investigation
  • A framework that provides a blueprint for effective incident response
  • A system that only includes regulatory standards and guidelines
  • The process used to document events

15. Which of the following are phases of the NIST Incident Response Lifecycle? Select three answers.

  • Containment, Eradication, and Recovery
  • Preparation
  • Detection and Analysis
  • Protection

16. What are some roles included in a computer security incident response team (CSIRT)? Select three answers.

  • Security analyst
  • Incident coordinator
  • Technical lead
  • Incident manager

17. What is an incident response plan?

  • A document that outlines the procedures to take in each step of incident response
  • A document that outlines a security team’s contact information
  • A document that details system information
  • A document that contains policies, standards, and procedures

18. A cybersecurity analyst receives an alert about a potential security incident. Which type of tool should they use to examine the alert's evidence in greater detail?

  • A recovery tool
  • A documentation tool
  • An investigative tool
  • A detection tool

Shuffle Q/A 2

19. Which of the following methods can a security analyst use to create effective documentation? Select two answers.

  • Provide clear and concise explanations of concepts and processes.
  • Write documentation in a way that reduces confusion.
  • Provide documentation in a paper-based format.
  • Write documentation using technical language.

20. What is the difference between an intrusion detection system (IDS) and an intrusion prevention system (IPS)?

  • An IDS stops intrusive activity whereas an IPS monitors system activity and alerts on intrusive activity.
  • An IDS monitors system activity and alerts on intrusive activity whereas an IPS stops intrusive activity.
  • An IDS automates response and an IPS generates alerts.
  • An IDS and an IPS both have the same capabilities.
