To prepare for a third-party forensics investigation following an incident involving malware, the incident response team should:

• A.clean the malware.
• B.isolate the infected systems.
• C.image the infected systems.
• D.preserve the evidence.

Comment: *

Name: *

Email: *

Verification: *

What is the MAIN reason for an organization to develop an incident response plan?

• A.Prioritize treatment based on incident criticality.
• B.Provide a process for notifying stakeholders of the incident.
• C.Trigger immediate recovery procedures.
• D.Identify training requirements for the incident response team.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY purpose of performing an internal attack and penetration test as part of an incident response program is to identify:

• A.weaknesses in network and server security.
• B.ways to improve the incident response process.
• C.potential attack vectors on the network perimeter.
• D.the optimum response to internal hacker attacks.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST mechanism to determine the effectiveness of the incident response process?

• A.Incident response metrics
• B.Periodic auditing of the incident response process
• C.Action recording and review
• D.Post incident review

Comment: *

Name: *

Email: *

Verification: *

Acceptable risk is achieved when:

• A.residual risk is minimized.
• B.transferred risk is minimized.
• C.control risk is minimized.
• D.inherent risk is minimized.

Comment: *

Name: *

Email: *

Verification: *