Test your knowledge: Post-incident actions Quiz Answer
In this article I am going to share the answers to the Coursera course Sound the Alarm: Detection and Response, Week 3 practice quiz, Test your knowledge: Post-incident actions.
Question 1)
Which section of a final report contains a high-level overview of the security incident?
- Agenda
- Executive summary
- Recommendations
- Timeline
Question 2)
What are the goals of a lessons learned meeting? Select two answers.
- Develop a final report
- Review and reflect on a security incident
- Identify an employee to blame
- Identify areas of improvement
Question 3)
Fill in the blank: In the NIST Incident Response Lifecycle, reviewing an incident to identify areas for improvement during incident handling is known as the _____.
- Detection and Analysis phase
- Containment, Eradication and Recovery phase
- Preparation phase
- Post-incident activity phase
Question 4)
An organization has recovered from a ransomware attack that resulted in a significant disruption to their business operations. To review the incident, the security team hosts a lessons learned meeting. The team realizes that they could have restored the affected systems more quickly if they had a backup and recovery plan in place. Which question would have most likely helped the security team come to this conclusion?
- When did the incident happen?
- What could have been done differently?
- How was the incident detected?
- Who discovered the incident?