sound the alarm detection and response coursera weekly challenge 1 answers

Test your knowledge: The incident response lifecycle

1. The first phase of the NIST Incident Response Lifecycle is Preparation. What are the other phases? Select three answers.

Answers

2. What type of process is the NIST Incident Response Lifecycle?

Answers

3. Fill in the blank: An _____ is an observable occurrence on a network, system, or device.

Answers

4. A security professional investigates an incident. Their goal is to gain information about the 5 W's, which include what happened and why. What are the other W's? Select three answers.

Answers

Test your knowledge: Incident response operations

5. What are the goals of a computer security incident response team (CSIRT)? Select three answers.

Answers

6. Which document outlines the procedures to follow after an organization experiences a ransomware attack?

Answers

7. Fill in the blank: The job of _____ is to investigate alerts and determine whether an incident has occurred.

Answers

8. Which member of a CSIRT is responsible for tracking and managing the activities of all teams involved in the response process?

Answers

Shuffle Q/A 1

Test your knowledge: Detection and documentation tools

9. What are some examples of types of documentation? Select three answers.

Answers

10. Fill in the blank: Ticketing systems such as _____ can be used to document and track incidents.

Answers

sound the alarm detection and response coursera weekly challenge 1 answers

Test your knowledge: The incident response lifecycle

1. The first phase of the NIST Incident Response Lifecycle is Preparation. What are the other phases? Select three answers.

2. What type of process is the NIST Incident Response Lifecycle?

3. Fill in the blank: An _____ is an observable occurrence on a network, system, or device.

4. A security professional investigates an incident. Their goal is to gain information about the 5 W's, which include what happened and why. What are the other W's? Select three answers.

Test your knowledge: Incident response operations

5. What are the goals of a computer security incident response team (CSIRT)? Select three answers.

6. Which document outlines the procedures to follow after an organization experiences a ransomware attack?

7. Fill in the blank: The job of _____ is to investigate alerts and determine whether an incident has occurred.

8. Which member of a CSIRT is responsible for tracking and managing the activities of all teams involved in the response process?

Shuffle Q/A 1

Test your knowledge: Detection and documentation tools

9. What are some examples of types of documentation? Select three answers.

10. Fill in the blank: Ticketing systems such as _____ can be used to document and track incidents.