21. An employee attempting to access software on their work device for personal use can be an example of what security incident type?
- Unauthorized access
- Improper usage
- Malware infection
- Social engineering
22. What is a potential negative consequence of not properly escalating a small security incident? Select two answers.
- The company can suffer a loss in reputation.
- The company’s antivirus software can be uninstalled.
- The company’s employee retention percentage can decrease drastically.
- The company can suffer a financial loss.
23. You have recently been hired as a security analyst for an organization. You previously worked at another company doing security, and you were very familiar with their escalation policy. Why would it be important for you to learn your new company’s escalation policy?
- Every company has a different escalation policy, and it is an analyst’s job to ensure incidents are handled correctly.
- The policy will help you analyze data logs.
- The policy will advise you on who to report to each day.
- The escalation policy will help you with vulnerability scanning.
24. Fill in the blank: An _____ will help an entry-level analyst to know when and how to escalate a security incident.
- executive security dashboard
- escalation policy
- employee security handbook
- blue team CIRT guideline
25. Fill in the blank: Incident escalation is the process of _____.
- reporting a security incident to a human resource department for compliance purposes
- properly assessing security events
- creating a visual dashboard that shows security stakeholders the amount of security incidents taking place
- identifying a potential security incident, triaging it, and handing it off to a more experienced team member
26. What does attention to detail and following an organization’s security event notification process help you with?
- Vulnerability scanning
- Incident escalation
- Security data forensics
- Log monitoring
27. What elements of security do terms like unauthorized access, malware infections, and improper usage describe?
- Public press releases
- Phishing attempts
- Company job descriptions
- Incident classification types
28. Which of the following security incidents can have the most damaging impact to an organization?
- A system containing customer PII is compromised
- A company’s social media account is compromised
- The guest Wi-Fi network for a company is hacked
- An employee forgets their password and logs too many failed login attempts
29. A security analyst for an organization notices unusual log activity in an app that was recently banned from the organization. However, the analyst forgets to escalate this activity to the proper personnel. What potential impact can this small incident have on the organization?
- Small incidents rarely have any impact on an organization.
- The organization might need to delete its social media profile.
- It can become a bigger threat.
- The third-party assessment team might be removed by the organization.
30. What security term is defined as a set of actions that outlines who should be notified when an incident alert occurs?
- A security risk assessor
- An escalation policy
- A network architecture alert
- A vulnerability scan system