Sound the Alarm: Detection and Response (Coursera), Weekly Challenge 1 Answers

Test your knowledge: The incident response lifecycle

1. The first phase of the NIST Incident Response Lifecycle is Preparation. What are the other phases? Select three answers.

  • Identify
  • Post-Incident Activity
  • Detection and Analysis
  • Containment, Eradication, and Recovery

2. What type of process is the NIST Incident Response Lifecycle?

  • Linear
  • Phased
  • Observable
  • Cyclical

3. Fill in the blank: An _____ is an observable occurrence on a network, system, or device.

  • analysis
  • incident
  • event
  • investigation

4. A security professional investigates an incident. Their goal is to gain information about the 5 W's, which include what happened and why. What are the other W's? Select three answers.

  • Which type of incident it was
  • Who triggered the incident
  • Where the incident took place
  • When the incident took place

Test your knowledge: Incident response operations

5. What are the goals of a computer security incident response team (CSIRT)? Select three answers.

  • To provide services and resources for response and recovery
  • To manage incidents
  • To handle the public disclosure of an incident
  • To prevent future incidents from occurring

6. Which document outlines the procedures to follow after an organization experiences a ransomware attack?

  • A network diagram
  • A contact list
  • A security policy
  • An incident response plan

7. Fill in the blank: The job of _____ is to investigate alerts and determine whether an incident has occurred.

  • technical leads
  • security analysts
  • incident coordinators
  • public relations representatives

8. Which member of a CSIRT is responsible for tracking and managing the activities of all teams involved in the response process?

  • Technical lead
  • Incident coordinator
  • Public relations representative
  • Security analyst

Test your knowledge: Detection and documentation tools

9. What are some examples of types of documentation? Select three answers.

  • Final reports
  • Word processors
  • Policies
  • Playbooks

10. Fill in the blank: Ticketing systems such as _____ can be used to document and track incidents.

  • Cameras
  • Evernote
  • Jira
  • Excel

