Who establishes incident response procedures that include network forensics?

Answer choices:
Each organization
NSA
NIST
Forensics International (FI)
Added by Jonathan L.
Step 1
Incident response procedures are guidelines that organizations follow to detect, respond to, and recover from security incidents, while network forensics involves the capture and analysis of network traffic to investigate and understand security breaches.
Recommended Videos
Study the following scenario and discuss and determine the incident response handling questions that should be asked at each stage of the incident response process. Consider the details of the organization and the CSIRC when formulating your questions.

This scenario is about a small, family-owned investment firm. The organization has only one location and fewer than 100 employees. On a Tuesday morning, a new worm is released; it spreads itself through removable media, and it can copy itself to open Windows shares. When the worm infects a host, it installs a DDoS agent. It was several hours after the worm started to spread before antivirus signatures became available. The organization had already incurred widespread infections. The investment firm has hired a small team of security experts who often use the diamond model of security incident handling.

Preparation: ____________
Akash M.
Known as incident response, procedures for regaining control of systems and restoring operations to normalcy are the heart of the IR plan and the CSIRT's operations.
Haricharan G.
Digital Forensics and Incident Analysis and Response Quiz

Question 1 (multiple choice)
What is a MITRE ATT&CK framework?
a knowledge base of threat actor behavior
a collection of malware exploits and prevention solutions
guidelines for the collection of digital evidence
documented processes and procedures for digital forensic analysis

Question 2 (multiple choice)
Which two actions can help identify an attacking host during a security incident? (Choose two.)
Determine the location of the recovery and storage of all evidence.
Develop identifying criteria for all evidence such as serial number, hostname, and IP address.
Validate the IP address of the threat actor to determine if it is viable.
Use an Internet search engine to gain additional information about the attack.
Log the time and date that the evidence was collected and the incident remediated.

Question 3 (multiple choice)
The company you work for has asked you to create a broad plan that includes DRP and getting critical systems to another location in case of disaster. What type of plan are you being asked to create?
business continuity plan
disaster recovery plan
Network Admission Control
annual loss expectancy

Question 4 (multiple choice)
After a threat actor completes a port scan of the public web server of an organization and identifies a potential vulnerability, what is the next phase for the threat actor in order to prepare and launch an attack as defined in the Cyber Kill Chain?
exploitation
reconnaissance
weaponization
action on objectives

Question 5 (multiple choice)
What is the purpose of the policy element in a computer security incident response capability of an organization, as recommended by NIST?
It provides a roadmap for maturing the incident response capability.
It details how incidents should be handled based on the organizational mission and functions.
It defines how the incident response teams will communicate with the rest of the organization and with other organizations.
It provides metrics for measuring the incident response capability and effectiveness.
Breanna O.