11. Fill in the blank: Entry-level analysts might need to escalate various incident types, including _____.

  • noncompliance of tax laws
  • mismanagement of funds
  • improper usage
  • missing software

12. Improper usage can be intentional; other times it can be accidental. How should you decide which acts of improper usage should be escalated to a supervisor?

  • Improper usage incidents should always be escalated as a precaution.
  • Improper usage should never be escalated to a supervisor.
  • Only intentional acts of improper usage should be escalated.
  • Improper usage attempts that affect high-priority assets should be escalated; other improper usage instances are not as important.

13. You are alerted that a hacker has gained unauthorized access to one of your organization’s manufacturing applications. At the same time, an employee’s account has been flagged for multiple failed login attempts. Which incident should be escalated first?

  • Both security incidents should be escalated at the same time.
  • The incident involving the employee who is unable to log in to their account should be escalated first.
  • The incident involving the malicious actor who has gained unauthorized access to the manufacturing application should be escalated first.
  • The best thing to do is escalate the incident that your supervisor advised you to escalate first.

14. What is the best way to determine the urgency of a security incident?

  • Contact the risk assessment team to determine urgency.
  • Reach out to the organization’s Red Team supervisor to determine urgency.
  • Identify the importance of the assets affected by the security incident.
  • Email the Chief Information Security Officer (CISO) of the company for clarification.

15. Fill in the blank: An escalation policy is a set of actions that outlines _____.

  • how to manage the security stakeholders of an organization
  • how to escalate customer service complaints
  • how to defend an organization’s data and assets
  • how to handle a security incident alert

16. Fill in the blank: _____ is important when following a company’s escalation policy to ensure you follow the policy correctly.

  • Attention to detail
  • Delegating tasks
  • Reading quickly
  • Working remotely

17. Fill in the blank: An entry-level analyst helps the security team make sure the _____ person on the team is alerted when incidents occur.

  • technical
  • available
  • correct
  • most senior-level

18. Which of the following security incidents is likely to have the most negative impact on an organization?

  • An employee sends an email to the wrong colleague
  • Unauthorized access to a manufacturing application
  • An employee’s account flagged for multiple login attempts
  • An employee having a phone conversation about a work project in the breakroom

19. Fill in the blank: _____ is a skill that will help you identify security incidents that need to be escalated.

  • Graphics design
  • Attention to detail
  • Leadership
  • Linux operations

20. As a security analyst, you might be asked to escalate various incidents. Which of the following are common incident classification types? Select two answers.

  • Malware infection
  • SPAM
  • Gift card scam
  • Unauthorized access
