11. What did the attacker use to exploit the e-commerce web application vulnerability?

  • Data breach
  • Web server logs
  • Forced browsing
  • User error

12. What recommendations did the organization implement to prevent future recurrences? Select two answers.

  • Implemented access control mechanisms
  • Paid the $50,000 payment request
  • Provided identity protection services to the affected customers
  • Implemented routine vulnerability scans

Weekly challenge 3

13. A security analyst is investigating an alert involving a possible network intrusion. Which of the following tasks is the security analyst likely to perform as part of the Detection and Analysis phase of the incident response lifecycle? Select two answers.

  • Identify the affected devices or systems.
  • Implement a patch to fix the vulnerability.
  • Collect and analyze the network logs to verify the alert.
  • Isolate the affected machine from the network.

14. What are the benefits of documentation during incident response? Select three answers.

  • Quality
  • Clarity
  • Standardization
  • Transparency

15. An organization is working on implementing a new security tool, and a security analyst has been tasked with developing workflow documentation that outlines the process for using the tool. Which documentation benefit does this scenario outline?

  • Transparency
  • Clarity
  • Quality
  • Standardization

16. Chain of custody documents establish proof of which of the following? Select two answers.

  • Integrity
  • Validation
  • Quality
  • Reliability

17. Which of the following does a semi-automated playbook use? Select two.

  • Threat intelligence
  • Crowdsourcing
  • Human intervention
  • Automation

18. What are the steps of the triage process in the correct order?

  • Receive and assess, assign priority, collect and analyze
  • Assign priority, receive and assess, collect and analyze
  • Collect and analyze, assign priority, receive and assess
  • Receive and assess, collect and analyze, assign priority

Shuffle Q/A 2

19. Fill in the blank: Containment is the act of limiting and _____ additional damage caused by an incident.

  • eradicating
  • removing
  • preventing
  • detecting

20. Fill in the blank: Eradication is the complete _____ of all the incident elements from affected systems.

  • removal
  • prevention
  • isolation
  • disconnection
