Cyber 3 Unit 9: Incident Preparation, Response, and
Investigation study guide
Access Control Scheme Ans✓✓✓A framework embedded in hardware
and software that can be used for controlling access.
Accounting Ans✓✓✓A record that is preserved of who accessed the
network, what resources they accessed, and when they disconnected
from the network.
Admissability Ans✓✓✓Evidence that can hold up to judicial scrutiny
and can be entered as evidence.
Artifacts Ans✓✓✓Technology devices that may contain evidence in a
forensics investigation.
Attribute-Based Access Control (ABAC) Ans✓✓✓An access control
scheme that uses flexible policies that can combine attributes.
Authentication Servers Ans✓✓✓Servers that facilitate authentication of
an entity to access a network.
Authorization Ans✓✓✓Granting permission to take an action.
Autopsy Ans✓✓✓A digital forensics platform.
, Cache Ans✓✓✓A type of high-speed memory that stores recently used
information so that it can be quickly accessed again at a later time.
Call Manager Ans✓✓✓A platform used to provide telephony, video,
and web conferences.
Chain of Custody Ans✓✓✓A process that shows evidence was always
under strict control and no unauthorized person was given the
opportunity to corrupt the evidence.
Communication Plan Ans✓✓✓A formalized plan that outlines the
internal and external constituents who need to be informed of an
incident, how they should be informed, and when it should take place.
Conditional Access Ans✓✓✓Dynamically assigning roles to subjects
based on a set of rules.
Containment Ans✓✓✓An incident response plan step for limiting the
damage of the incident and isolating those systems that are impacted to
prevent further damage.
Cyber Kill Chain Ans✓✓✓An exploitation framework that outlines the
steps of an attack in an integrated and end-to-end process like a "chain."
Data Breach Notification Law Ans✓✓✓A law that requires user
notification of a data breach.
Investigation study guide
Access Control Scheme Ans✓✓✓A framework embedded in hardware
and software that can be used for controlling access.
Accounting Ans✓✓✓A record that is preserved of who accessed the
network, what resources they accessed, and when they disconnected
from the network.
Admissability Ans✓✓✓Evidence that can hold up to judicial scrutiny
and can be entered as evidence.
Artifacts Ans✓✓✓Technology devices that may contain evidence in a
forensics investigation.
Attribute-Based Access Control (ABAC) Ans✓✓✓An access control
scheme that uses flexible policies that can combine attributes.
Authentication Servers Ans✓✓✓Servers that facilitate authentication of
an entity to access a network.
Authorization Ans✓✓✓Granting permission to take an action.
Autopsy Ans✓✓✓A digital forensics platform.
, Cache Ans✓✓✓A type of high-speed memory that stores recently used
information so that it can be quickly accessed again at a later time.
Call Manager Ans✓✓✓A platform used to provide telephony, video,
and web conferences.
Chain of Custody Ans✓✓✓A process that shows evidence was always
under strict control and no unauthorized person was given the
opportunity to corrupt the evidence.
Communication Plan Ans✓✓✓A formalized plan that outlines the
internal and external constituents who need to be informed of an
incident, how they should be informed, and when it should take place.
Conditional Access Ans✓✓✓Dynamically assigning roles to subjects
based on a set of rules.
Containment Ans✓✓✓An incident response plan step for limiting the
damage of the incident and isolating those systems that are impacted to
prevent further damage.
Cyber Kill Chain Ans✓✓✓An exploitation framework that outlines the
steps of an attack in an integrated and end-to-end process like a "chain."
Data Breach Notification Law Ans✓✓✓A law that requires user
notification of a data breach.
