C842 - CYBERDEFENSE AND
COUNTERMEASURES WGU
QUIZLET (EC COUNCIL CIH
V2) COMPREHENSIVE
QUESTIONS AND CORRECT
ANSWERS GRADED A+
[Document subtitle]
[DATE]
[COMPANY NAME]
[Company address]
, Contact for further consultation
1. Which of the following information security elements ensures that
the infor- mation is accessible only to those who are authorized to
have access?
A authenticity
B confidentiality
C integrity
D availability Answer: B
2. Identify the information security element that determines
trustworthiness of data or resources in terms of preventing improper
and unauthorized changes.
A integrity
B availability
C authenticity
D non-repudiation Answer: A
3. John, a security professional working for Xdoc Corporation, is
implementing a security strategy that uses multilayered protection
throughout an information system to help minimize any adverse
impact from attacks on organizational assets.
Identify the security strategy John has implemented.
A covert channel
B defense-in-depth
C likelihood analysis
D three-way handshake Answer: B
4. Identify the security policy that doesn't keep any restrictions on
the usage of system resources.
A promiscuous policy
B prudent policy
, Contact for further consultation
C paranoid policy
D permissive policy Answer: A
5. Carl is trying to violate the acceptable use of a network and
computer use policy. Under which category of the incident handling
criteria does this scenario fall?
A CAT 4
B CAT 2
C CAT 1
D CAT 3 Answer: A
6. In which of the following stages of incident handling does
classification and prioritization of incidents take place?
A incident recording and assignment
B incident containment
C post-incident activities
D incident triage Answer: D
7. Which of the following terms reflects an organization's mid-
term and long-term goals for incident management
capabilities?
A IH&R team models
B IH&R mission
C IH&R staffing
D IH&R vision Answer: D
8. Which of the following terms defines the purpose and scope of the
planned incident handling and response capabilities?
A IH&R mission
B IH&R staffing
C IH&R team models
D IH&R vision Answer: A
, Contact for further consultation
9. Which of the following backup strategies provides daily status of
the backup situation, such as successful, unsuccessful, not run, out
of space, etc.?
A security
B guarantee
C data availability
D notifications Answer: D
10. John is an incident response manager at XYZ Inc. As a part of
IH&R policy of his organization, he signed a contract between
the organization and a third-party insurer to protect organization
individuals from different threats and risks.
What is the contract signed by John called?
A escrow agreement
B disclosure agreement
C ROE agreement
D cyber insurance Answer: D
11. Jason is an incident handler at The Rolls Inc. One day his
organization encounters a massive cyberattack, and he identifies a
virus called "XYZ@ZYX" spreading among the computers in the
network (AKA, a level CAT 3 attack).
He has started investigating the issue; however, as an incident handler,
within how much time from detection of such malicious code attacks
should he report to the authorities?
A one week
B one fortnight
C three hours
D one hour Answer: D
12. Which of the following phases of the computer forensics
COUNTERMEASURES WGU
QUIZLET (EC COUNCIL CIH
V2) COMPREHENSIVE
QUESTIONS AND CORRECT
ANSWERS GRADED A+
[Document subtitle]
[DATE]
[COMPANY NAME]
[Company address]
, Contact for further consultation
1. Which of the following information security elements ensures that
the infor- mation is accessible only to those who are authorized to
have access?
A authenticity
B confidentiality
C integrity
D availability Answer: B
2. Identify the information security element that determines
trustworthiness of data or resources in terms of preventing improper
and unauthorized changes.
A integrity
B availability
C authenticity
D non-repudiation Answer: A
3. John, a security professional working for Xdoc Corporation, is
implementing a security strategy that uses multilayered protection
throughout an information system to help minimize any adverse
impact from attacks on organizational assets.
Identify the security strategy John has implemented.
A covert channel
B defense-in-depth
C likelihood analysis
D three-way handshake Answer: B
4. Identify the security policy that doesn't keep any restrictions on
the usage of system resources.
A promiscuous policy
B prudent policy
, Contact for further consultation
C paranoid policy
D permissive policy Answer: A
5. Carl is trying to violate the acceptable use of a network and
computer use policy. Under which category of the incident handling
criteria does this scenario fall?
A CAT 4
B CAT 2
C CAT 1
D CAT 3 Answer: A
6. In which of the following stages of incident handling does
classification and prioritization of incidents take place?
A incident recording and assignment
B incident containment
C post-incident activities
D incident triage Answer: D
7. Which of the following terms reflects an organization's mid-
term and long-term goals for incident management
capabilities?
A IH&R team models
B IH&R mission
C IH&R staffing
D IH&R vision Answer: D
8. Which of the following terms defines the purpose and scope of the
planned incident handling and response capabilities?
A IH&R mission
B IH&R staffing
C IH&R team models
D IH&R vision Answer: A
, Contact for further consultation
9. Which of the following backup strategies provides daily status of
the backup situation, such as successful, unsuccessful, not run, out
of space, etc.?
A security
B guarantee
C data availability
D notifications Answer: D
10. John is an incident response manager at XYZ Inc. As a part of
IH&R policy of his organization, he signed a contract between
the organization and a third-party insurer to protect organization
individuals from different threats and risks.
What is the contract signed by John called?
A escrow agreement
B disclosure agreement
C ROE agreement
D cyber insurance Answer: D
11. Jason is an incident handler at The Rolls Inc. One day his
organization encounters a massive cyberattack, and he identifies a
virus called "XYZ@ZYX" spreading among the computers in the
network (AKA, a level CAT 3 attack).
He has started investigating the issue; however, as an incident handler,
within how much time from detection of such malicious code attacks
should he report to the authorities?
A one week
B one fortnight
C three hours
D one hour Answer: D
12. Which of the following phases of the computer forensics
