Chapter Review Questions
The following questions are designed to check that you have understood the information in the chapter. For a realistic practice exam, please check the practice resources in our exclusive online study tools (refer to Chapter 29, Accessing the online practice resources, for instructions to unlock them). The answers and explanations to these questions can be found via this link.
- You are the lead incident responder for a large organization’s cybersecurity team. During the Analysis phase of incident response, you discover a sophisticated malware infection on a critical server that contains sensitive data and supports critical business operations. What should be your immediate action?
  - Isolate the server and proceed with root cause analysis.
  - Disconnect the server from the network and restore from backups.
  - Immediately report the incident to legal authorities.
  - Conduct a tabletop exercise to assess incident response procedures.
- You are the cybersecurity...