All Coursera Quiz Answers

Test your knowledge: Post-incident actions Quiz Answer

In this article i am gone to share Coursera Course: Sound the Alarm: Detection and Response Week 3 Practice Quiz | Test your knowledge: Post-incident actions Quiz Answer with you..

Enroll Link: Sound the Alarm: Detection and Response


Also visit:ย  Test your knowledge: Packet inspection Quiz Answer


 

Test your knowledge: Post-incident actions Quiz Answer

Question 1)
Which section of a final report contains a high-level overview of the security incident?

  • Agenda
  • Executive summary
  • Recommendations
  • Timeline

Question 2)
What are the goals of a lessons learned meeting? Select two answers.

  • Develop a final report
  • Review and reflect on a security incident
  • Identify an employee to blame
  • Identify areas of improvement

Question 3)
Fill in the blank: In the NIST Incident Response Lifecycle, reviewing an incident to identify areas for improvement during incident handling is known as the _____.

  • Detection and Analysis phase
  • Containment, Eradication and Recovery phase
  • Preparation phase
  • Post-incident activity phase

Question 4)
An organization has recovered from a ransomware attack that resulted in a significant disruption to their business operations. To review the incident, the security team hosts a lessons learned meeting. The team realizes that they could have restored the affected systems more quickly if they had a backup and recovery plan in place. Which question would have most likely helped the security team come to this conclusion?

  • When did the incident happen?
  • What could have been done differently?
  • How was the incident detected?
  • Who discovered the incident?