Incident Management Assessment Form

1. A loss of _________ is the unauthorized disclosure of information.
   A. Confidentiality
   B. Authenticity
   C. Integrity
   D. Availability

2. A ________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.
   A. Low
   B. Moderate
   C. Normal
   D. High

3. A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a(n) __________.
   A. Countermeasure
   B. Adversary
   C. Vulnerability
   D. Risk

4. An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.
   A. Risk
   B. Attack
   C. Asset
   D. Vulnerability

5. A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.
   A. Attack
   B. Adversary
   C. Countermeasure
   D. Protocol

6. Masquerade, falsification, and repudiation are threat actions that cause __________ threat consequences.
   A. Unauthorized disclosure
   B. Disruption
   C. Deception
   D. Usurpation

7. A threat action in which sensitive data are directly released to an unauthorized entity is __________.
   A. Corruption
   B. Intrusion
   C. Disruption
   D. Exposure

8. The _________ prevents or inhibits the normal use or management of communications facilities.
   A. Passive attack
   B. Denial of service
   C. Traffic encryption
   D. Masquerade

9. A __________ is any action that compromises the security of information owned by an organization.
   A. Security mechanism
   B. Security policy
   C. Security attack
   D. Security service

10. The assurance that data received are exactly as sent by an authorized entity is __________.
   A. Authentication
   B. Traffic control
   C. Traffic routing
   D. Traffic integrity

11. What types of security breaches may you encounter as an incident responder?
   i. Cross-site scripting
   ii. SQL injection attacks
   iii. DoS attack
   iv. Man in the middle attack

   A. i and iii only
   B. i, ii and iv only
   C. iii and iv only
   D. i, ii, iii and iv

12. What are the roles and responsibilities of an incident responder?
   A. Incident responders are the first ones to deal with a security incident.
   B. Incident responders are the last ones to deal with a security incident.
   C. Incident responders are the third ones to deal with a security incident.
   D. Incident responders don't know their position.

13. What is SIEM?
   A. Security Information Error Management
   B. Security information and event management
   C. Security incident and event management
   D. Security information and event manager

14. What is CERT?
   A. Communication Emergency Response Team
   B. Computer Event Response Team
   C. Computer Emergency Response Team
   D. Conflict and Emergency Response Team

15. What are the five phases of security incident management?
   A. Plan and prepare, Assessment and decision, Detection and reporting, Responses, and Lessons learnt.
   B. Plan and prepare, Responses, Assessment and decision, Detection and reporting, and Lessons learnt.
   C. Plan and prepare, Responses, Detection and reporting, Assessment and decision, and Lessons learnt.
   D. Plan and prepare, Detection and reporting, Assessment and decision, Responses, and Lessons learnt.

16. The primary steps to minimize the direct negative impact of information security incidents are the following: i. stop and contain, ii. eradicate, iii. analyse and report, and iv. follow up. How long will it take to complete the project?
   A. ii, iii, iv and i
   B. i, ii, iv and iii
   C. i, ii, iii and iv
   D. ii, i, iii and iv

17. What are the best practices to eliminate an insider attack?
   - Monitoring employee behavior and the systems employees use
   - Conducting risk assessments regularly
   - Documenting and establishing security controls and policies
   - Implementing secure backups and disaster recovery plans
   - Applying strict account management policies
   - Preventing employees from installing unauthorized software and visiting malicious websites through the enterprise's network

   Select one option:
   A. TRUE
   B. FALSE