Free CPTIA Questions for CREST Practitioner Threat Intelligence Analyst CPTIA Exam as PDF & Practice Test Engine
In which of the following types of insider threats an insider who is uneducated on potential security threats or simply bypasses general security procedures to meet workplace efficiency?
Correct Answer: A
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
Shiela is working at night as an incident handler. During a shift, servers were affected by a massive cyberattack. After she classified and prioritized the incident, she must report the incident, obtain necessary permissions, and perform other incident response functions. What list should she check to notify other responsible personnel?
Correct Answer: D
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
Drake is an incident handler in Dark CLoud Inc. He is intended to perform log analysis in order to detect traces of malicious activities within the network infrastructure.
Which of the following tools Drake must employ in order to view logs in real time and identify malware propagation within the network?
Which of the following tools Drake must employ in order to view logs in real time and identify malware propagation within the network?
Correct Answer: B
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
Which of the following risk mitigation strategies involves execution of controls to reduce the risk factor and brings it to an acceptable level or accepts the potential risk and continues operating the IT system?
Correct Answer: C
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
The following steps describe the key activities in forensic readiness planning:
1. Train the staff to handle the incident and preserve the evidence
2. Create a special process for documenting the procedure
3. Identify the potential evidence required for an incident
4. Determine the source of the evidence
5. Establish a legal advisory board to guide the investigation process
6. Identify if the incident requires full or formal investigation
7. Establish a policy for securely handling and storing the collected evidence
8. Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption Identify the correct sequence of steps involved in forensic readiness planning.
1. Train the staff to handle the incident and preserve the evidence
2. Create a special process for documenting the procedure
3. Identify the potential evidence required for an incident
4. Determine the source of the evidence
5. Establish a legal advisory board to guide the investigation process
6. Identify if the incident requires full or formal investigation
7. Establish a policy for securely handling and storing the collected evidence
8. Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption Identify the correct sequence of steps involved in forensic readiness planning.
Correct Answer: C
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
In which of the following phases of incident handling and response (IH&R) process the identified security incidents are analyzed, validated, categorized, and prioritized?
Correct Answer: C
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
Eric who is an incident responder is working on developing incident-handling plans and procedures. As part of this process, he is performing analysis on the organizational network to generate a report and to develop policies based on the acquired results.
Which of the following tools will help him in analyzing network and its related traffic?
Which of the following tools will help him in analyzing network and its related traffic?
Correct Answer: C
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
XYZ Inc. was affected by a malware attack and James, being the incident handling and response (IH&R) team personnel handling the incident, found out that the root cause of the incident is a backdoor that has bypassed the security perimeter due to an existing vulnerability in the deployed firewall. James had contained the spread of the infection and removed the malware completely. Now the organization asked him to perform incident impact assessment to identify the impact of the incident over the organization and he was also asked to prepare a detailed report of the incident.
Which of the following stages in IH&R process is James working on?
Which of the following stages in IH&R process is James working on?
Correct Answer: B
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
0
0
0
10
