Backup and Recovery Quiz

Questions and Answers

Which methodology is mentioned in the text for incident response?

• IEEE
• NIST (correct)
• ISO
• OWASP

During which phase of the incident response methodology does the team identify incidents?

• Steady phase (correct)
• Recovery phase
• Containment phase
• Eradication phase

What is the purpose of the containment phase in incident response?

• To restore normal operations
• To stop the bleeding and prevent further damage (correct)
• To monitor for attacker returns
• To remove artifacts left by attackers

Why is the lessons learned phase important in incident response?

To improve future incident response and help the organization (A)

Which of the following is a recommended step for instant response management?

Creating overviews on identification and recovery (A)

What should viewers do if they have cool ideas for exercises?

Leave them in the comments below (D)

Which of the following is a key factor in protecting against ransomware attacks?

Having a break class backup account (A)

What is the purpose of a media contact in the event of a data leak?

To be the single point of contact for media inquiries (C)

What should be the focus when planning instant response scenarios?

Assets that are most valuable to the organization (C)

What is one way to prepare against a system getting hacked?

Implementing segmentation and patch management (D)

Which of the following is NOT a method mentioned in the text for notifying individuals about a media contact?

Making phone calls (B)

What is one method mentioned in the text for verifying the trustworthiness of a leak?

Searching the internet for mentions of the leak (A)

What is one possible containment tactic mentioned in the text for dealing with a breach?

Identifying and patching the system that caused the breach (C)

What is one method mentioned in the text for preparing against exfiltration of personal identifiable data?

Limiting permissions on regular users (C)

Which type of exercises can be used to practice instant response?

Tabletop exercises (C)

What is the goal of practicing instant response exercises?

To identify weaknesses in processes (C)

Why is it important to practice instant response before getting hacked?

To develop a more mature instant response organization (A)

Flashcards

NIST methodology

A standard methodology for incident response, often used.

Incident identification phase

The phase where incidents are discovered in incident response.

Containment phase

Stopping the spread of an incident's impact.

Lessons learned

Improving future incident response based on past experiences.

Instant response management

Process of handling immediate reactions to incidents, such as cyberattacks.

Break class backup account

A key part of ransomware protection, to ensure continuity.

Media contact

Designated point of contact for media inquiries in a crisis.

Instant response scenarios

Planned exercises focusing on valuable assets.

System hacking preparation

Protecting systems from hacking.

Notification methods

Ways of communicating information to individuals during security breaches.

Leak verification

Checking the validity of a security breach report.

Containment tactics

Actions taken to limit the damage of a security breach.

Personal data exfiltration

The unauthorized transfer of personal information.

Tabletop exercises

Simulations of incidents to test responses.

Practicing instant response

Doing drills to check responses before actual issues.

Weaknesses in processes

Flaws identified while performing incident response.

Mature instant response organization

An organization well-equipped to respond to incidents after practice.

Segmentation

Grouping of systems to limit the impact of breaches.

Patch management

Maintenance of system security through software updates.

Cool ideas for exercises

Useful suggestions for training events.