EC-Council 212-89 EC Council Certified Incident Handler (ECIH v2) Online Training
EC-Council 212-89 Online Training
The questions for 212-89 were last updated on Nov 23, 2024.
- Exam Code: 212-89
- Exam Name: EC Council Certified Incident Handler (ECIH v2)
- Certification Provider: EC-Council
- Latest update: Nov 23, 2024
Alice is an incident handler, and she has been informed by her lead that the data on affected systems must be backed up so that it can be retrieved if it is damaged during the incident response process. She was also told that the system backup can be used for further investigation of the incident.
In which of the following stages of the incident handling and response (IH&R) process does Alice need to make a complete backup of the infected system?
- A . Containment
- B . Incident recording
- C . Incident triage
- D . Eradication
Clark, a professional hacker, successfully exploited the web application of a target organization by tampering with form and parameter values. As a result, Clark gained access to the information assets of the organization. Identify the vulnerability in the web application exploited by the attacker.
- A . Security misconfiguration
- B . Sensitive data exposure
- C . SQL injection
- D . Broken access control
Clark is investigating a cybercrime at TechSoft Solutions. While investigating the case, he needs to collect volatile information such as running services, their process IDs, start mode, state, and status.
Which of the following commands will help Clark to collect such information from running services?
- A . netstat -ab
- B . net file
- C . openfiles
- D . wmic
Sam, an employee of a multinational company, sends e-mails to third-party organizations using a spoofed email address of his organization.
How can you categorize this type of incident?
- A . Inappropriate usage incident
- B . Network intrusion incident
- C . Unauthorized access incident
- D . Denial-of-service incident
Bob, an incident responder at CyberTech Solutions, is investigating a cybercrime attack that occurred at the client company. He acquired the evidence data, preserved it, and started analyzing the acquired evidentiary data to identify the source of the crime and the culprit behind the incident. Identify the forensic investigation phase Bob is currently in.
- A . Post-investigation phase
- B . Pre-investigation phase
- C . Vulnerability assessment phase
- D . Investigation phase
XYZ Inc. was affected by a malware attack, and James, the incident handling and response (IH&R) team member handling the incident, found that the root cause of the incident was a backdoor that bypassed the security perimeter through an existing vulnerability in the deployed firewall. James contained the spread of the infection and removed the malware completely. Now the organization has asked him to perform an incident impact assessment to identify the impact of the incident on the organization, and he has also been asked to prepare a detailed report of the incident.
Which of the following stages of the IH&R process is James working on?
- A . Notification
- B . Post-incident activities
- C . Eradication
- D . Evidence gathering and forensics analysis
James has been appointed as an incident handling and response (IH&R) team lead and was assigned to build an IH&R plan and his own team in the company. Identify the IH&R process step James is currently working on.
- A . Eradication
- B . Notification
- C . Preparation
- D . Recovery
Drake is an incident handler at Dark Cloud Inc. He is tasked with performing log analysis in order to detect traces of malicious activity within the network infrastructure.
Which of the following tools should Drake employ in order to view logs in real time and identify malware propagation within the network?
- A . Hydra
- B . Splunk
- C . HULK
- D . LOIC
Bran is an incident handler who is assessing the network of the organization. He wants to detect ping sweep attempts on the network using Wireshark.
Which of the following Wireshark filters would Bran use to accomplish this task?
- A . icmp.type == 8
- B . icmp.redir_gw
- C . icmp.ident
- D . icmp.seq
Which of the following is a standard framework that provides recommendations for implementing information security controls for organizations that initiate, implement, or maintain information security management systems (ISMSs)?
- A . ISO/IEC 27035
- B . RFC 2196
- C . PCI DSS
- D . ISO/IEC 27002