Quiz Isol 632

Test Information

Description

This quiz covers material in Chapters 7–8. There are 30 total questions in this quiz, which consists of true/false statements, fill-in-the-blank, and multiple-choice questions. In the fill-in-the-blank portion of the quiz, you will type in your response to the question(s). There are instances where you can receive credit for your response(s) if marked incorrect. I will go through the quiz after its due date to make those adjustments. Please double-check the spelling of your responses, as you will not receive credit for misspelled words.

Instructions
Multiple Attempts: Not allowed. This test can only be taken once.
Force Completion: This test can be saved and resumed later.

QUESTION 1

  1. A(n) _______________________ determines the initial scope of an organization’s prospective breach of confidentiality, integrity, and availability of its information and other assets.

0.10000 points

QUESTION 2

  1. Presentation and analysis necessitate specialized tools that a majority of IT professionals do not have access to; therefore, the first-response expertise is shared among all IT professionals and is supplemented by procedures and documentation that preserve evidentiary evidence collection.

0.10000 points

QUESTION 3

  1. Digital forensics is rooted in combined skills from the and the disciplines.

0.10000 points

QUESTION 4

  1. A(n) ________________ must be completed immediately following an incident, as it is an essential document that details an incident's activity from its first detection until the final recovery action is completed.

0.10000 points

QUESTION 5

  1. The Copyright Act of 1976 statute extends protection to owners of _____________________, but this act by itself does not prevent an institution from searching and seizing computer systems in the public sector.

0.10000 points

QUESTION 6

  1. Organizations that aspire to develop effective policies must establish a(n) __________________ program, which would enable them to thoroughly integrate newly instituted policies into the organization and with its employees.

0.10000 points

QUESTION 7

  1. Disclosed data can potentially become unrecoverable during an attack on information systems, while damaged data have a higher chance of recovery; yet, the hardest part of the recovery process is identifying what data was disclosed.

0.10000 points

QUESTION 8

  1. The United States of America’s court has recognized numerous exclusions with regard to warrant requirements as detailed in the ________________, which finds the balance between maintaining employee privacy and law enforcement and an organization’s need to conduct searches.

0.10000 points

QUESTION 9

  1. A(n) ________________ enables an organization to validate that its distributed documents are in intelligible forms and alternative languages.
    a. dissemination
    b. comprehension
    c. review
    d. compliance

0.10000 points

QUESTION 10

  1. Centralized log servers that are placed in highly protected areas in the network will not deter unauthorized access, but they will assist with post-event analysis to prevent recurrences.

0.10000 points

QUESTION 11

  1. A(n) _______________ enables an organization to validate its relevant policies are readily accessible in multiple formats for its entire workforce.
    a. comprehension
    b. review
    c. compliance
    d. dissemination

0.10000 points

QUESTION 12

  1. A(n) _________________ enables an organization to validate that its workforce grasps requirements and content within its policies.
    a. dissemination
    b. review
    c. comprehension
    d. compliance

0.10000 points

QUESTION 13

  1. The mission and philosophy of an organization’s CSIRT incident response is to or .

0.10000 points

QUESTION 14

  1. Inappropriate use and unauthorized access are indistinct incidents categorized as policy violations rather than system abuse.

0.10000 points

QUESTION 15

  1. A(n) ____________________ is a legal record of evidence that denotes and accounts for all points within the evidence lifecycle where an individual may have had access.

0.10000 points

QUESTION 16

  1. A(n) ____________________ process is initiated by individuals subjected to digital forensic techniques with an intent to hide or obfuscate items with evidentiary value.
    a. eForensics
    b. anti-discovery
    c. eDiscovery
    d. anti-forensics

0.10000 points

QUESTION 17

  1. Remediating traces of an attack and pre-incident incident resumption that are critical for maintaining an organization’s critical and vital systems requires a lot of time, and it is a resource-intensive endeavor.

0.10000 points

QUESTION 18

  1. A(n) ____________________ is a process of collecting, reviewing, and searching for electronically stored records or files that have significant evidentiary value used during legal proceedings.
    a. digital discovery
    b. eForensics
    c. digital forensics
    d. eDiscovery

0.10000 points

QUESTION 19

  1. It is nearly impossible to monitor all communication channels that an attacker will use; therefore, more advanced attackers often use IRC channels on social media to gain recognition or credit they have inflicted on an organization.

0.10000 points

QUESTION 20

  1. Digital forensics comprises the collection of graphics, information, images, or other electronic and physical items that have value for legal proceedings.

0.10000 points

QUESTION 21

  1. SP 800-88 Guideline for Media Sanitization recommends anti-forensic practices intended to safeguard data from disclosure.

0.10000 points

QUESTION 22

  1. The Incident Response Commander, also known as the CSIRT leader, is primarily responsible for making determinations as to whether a specific type of incident, if any, has occurred and what strategic reactions are most appropriate to address the situation.

0.10000 points

QUESTION 23

  1. The laws governing search and seizure in the public sector are much more straightforward than those in the private sector.

0.10000 points

QUESTION 24

  1. A prepacked field kit that contains portal sets of equipment and tools needed by the digital forensic team to conduct an investigation is known as a(n) _______________________.
    a. jump bag
    b. forensic bag
    c. evidence kit
    d. portal set

0.10000 points

QUESTION 25

  1. A(n) __________________ is an attempt made by an organizational insider to either escalate his or her privileges to review information or to access information for which they had no prior permission.

0.10000 points

QUESTION 26

  1. A(n) ___________________ enables an organization to validate that its workforce is in accordance with and acts in support of its policies and guidelines.
    a. review
    b. comprehension
    c. compliance
    d. dissemination

0.10000 points

QUESTION 27

  1. On the conclusion of response activities, the CSIRT conducts a(n) ________________ assessment of the incident, documents its organizational impact, successes and failures surrounding response to the event, and the progress of its recovery efforts.

0.10000 points

QUESTION 28

  1. Ignorance of policy is a legal excuse for an employee.

0.10000 points

QUESTION 29

  1. An advantage of law enforcement involvement, immediately following an incident, is the loss of information control and evidence once seeking to prosecute an attacker.

0.10000 points

QUESTION 30

  1. The CSIRT must focus on eradication, containment, and recovery efforts first before it attempts to identify the nature, source, or the individuals responsible for initiating the attack.

0.10000 points
