100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Cyber Defense and Countermeasures (CIH) Questions and Answers Latest Updated 2024 $13.99   Add to cart

Exam (elaborations)

Cyber Defense and Countermeasures (CIH) Questions and Answers Latest Updated 2024

 3 views  0 purchase
  • Course
  • CIH
  • Institution
  • CIH

Cyber Defense and Countermeasures (CIH)

Preview 3 out of 22  pages

  • November 6, 2024
  • 22
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CIH
  • CIH
avatar-seller
julianah420
Cyber Defense and Countermeasures
(CIH)

Promiscuous Policy - answer A security policy that doesn't keep any restrictions on the
usage of system resources

Computer Incident Types - answer Malicious Code Attacks
Fraud & Theft
Unauthorized Access

Detecting and Assessing Incidents - answer The most challenging and essential parts of
the incident response process

Risk - answerThe probability of a threat agent exploiting a vulnerability and the
associated impact

Risk Assessment - answerA method of identifying vulnerabilities and threats as well as
assessing the possible impacts to determine where to implement security controls

Stages of the Incident Handling Process - answer* Preparation for Incident Handling
and Response

* Recording & Assignment

* Triage

* Notification

* Containment

* Evidence Gathering and Forensics

* Eradication

* Recovery

* Post-Incident Activities

Forensic Analysis - answerThe process of analyzing and reviewing the data gathered
from computer systems such as log files, system files, wen history files, emails and
installed applications

,Step 1: Preparation for Incident Handling and Response - answerIncludes performing
audit of the resources and assets, building/training the incident response team, and
gathering required tools

Step 2: Incident Recording and Assignment - answerIn this phase the initial
identification, reporting and recording takes place

Step 3: Incident Triage - answerIn this phase, the incident will be analyzed and
validated

Categorization and prioritization of Incidents occurs in this phase

Step 4: Notification - answerIn this phase the incident information will be informed to
various stakeholders, including management, third-party vendors, and clients

Step 5: Containment - answerIn this phase the spread of the incident is stopped

Step 6: Evidence Gathering and Forensic Analysis - answerIn this phase the IH&R team
will accumulate all possible evidence

Analysis of the incident occurs during this phase

Step 7: Eradication - answerIn this phase, the IH&R team will remove or eliminate the
root cause of the incident and close any attack vectors

Step 8: Recovery - answerIn this phase, the IH&R team will restore the affected
systems, services, and resources

Step 9: Post-Incident Activities - answerIn this phase the following activities are
performed:

* Incident Documentation
* Incident Impact Assessment
* Review and Revise Policies
* Close the Investigation
* Incident Disclosure

Techniques Used in the Containment Phase - answer▪ Disabling of Specific System
Services

▪ Changing of Passwords and Disabling Account

▪ Complete Backups of the Infected System

▪ Temporary Shutdown of the Compromised System

, ▪ System Restoration

▪ Maintaining a Low Profile

Phases of the Computer Forensics Investigation Process - answerPre-Investigation
Phase: Setup lab, build the team, assess risk

Investigation Phase: First response, Search/Seizure, collect/secure evidence, Data
Analysis

Post-Investigation Phase: Evidence Assessment, Documenting/Reporting, and
Testifying

Forensic Readiness - answer* Refers to an organization's ability to make optimal use of
digital evidence in a limited period of time and with minimal investigation costs.

* Enables an organization to collect and preserve digital evidence quickly and efficiently
with minimal investigation costs

* Consists of technical and non-technical actions

Objectives of Computer Forensics - answer* To track and prosecute perpetrators of a
cyber crime

* To gather evidence of cyber crimes in a forensically sound manner

* To estimate the potential impact of a malicious activity on the victim and assess the
intent of the perpetrator

* To find vulnerabilities and security loopholes that help attackers

* To recover deleted files, hidden files, and temporary data that could be used as
evidence

First Responder Common Mistakes - answer* Shutting down/rebooting victim's
computer

* Assuming some of the victim's PC components are reliable and usable

* Not having access to baseline documentation

* Not documenting the data collection process

Digital Evidence - answerAny information of probative value that is either stored or
transmitted in a digital form.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller julianah420. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75632 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.99
  • (0)
  Add to cart