Incident Response Procedures for Data Breaches
Exam 2025 | All Questions and Correct Answers |
Already Graded A+ | Verified Answers | Just
Released
What is the response to theft of confidential information without staff
involvement? ---------CORRECT ANSWER-----------------Immediately change UserIDs
and passwords of affected individuals pending investigation.
What type of media theft is specifically mentioned in the notes? ---------CORRECT
ANSWER-----------------Theft of media containing confidential information, such as
back-up tapes, hard-drives, CDs, DVDs, and paper reports.
What should be done if media containing confidential information is stolen? -------
--CORRECT ANSWER-----------------Change any UserIDs or global type passwords
that could have been compromised.
What should be done to ensure compliance after a breach? ---------CORRECT
ANSWER-----------------Review and update policies and procedures that are found
lacking.
,What is the consequence of a breach for responsible employees? ---------CORRECT
ANSWER-----------------They may face disciplinary actions, including termination of
employment.
What should be done if there is a physical loss of data? ---------CORRECT ANSWER-
----------------Conduct an inventory check to assess the physical loss.
What is the importance of investigating hardware or software changes after a
breach? ---------CORRECT ANSWER-----------------To prevent a recurrence of the
breach.
What should be done if proprietary information is compromised in a breach? ------
---CORRECT ANSWER-----------------Initiate steps to minimize damage and recover
informational integrity, including potential legal actions.
What should be assessed to harden against DDoS attacks? ---------CORRECT
ANSWER-----------------Evaluate newer equipment/software, check for viruses,
assess training needs for network engineers, and consider simulating attacks.
What is the first step when unencrypted account data is found during support? ---
------CORRECT ANSWER-----------------Determine the source of the unencrypted
data and log the issue as an 'Urgent' security issue in the Project Tracking System.
, What actions should be taken if unencrypted data is visible to an end-user? --------
-CORRECT ANSWER-----------------Follow breach instructions and determine what
information has been disclosed.
What should be done if unencrypted data is not visible to an end-user? ---------
CORRECT ANSWER-----------------Prepare a delete operation to remove the data
from the database.
What is a key component of the incident response for unencrypted data? ---------
CORRECT ANSWER-----------------Create an Incident Response Report detailing the
extent of data storage.
What should the development team be reminded of to prevent unencrypted data
issues? ---------CORRECT ANSWER-----------------The need to utilize sensitive data
flags.
What is the response to discovering an unauthorized wireless access point? --------
-CORRECT ANSWER-----------------Find and remove the unauthorized device from
the network and check access logs.
Exam 2025 | All Questions and Correct Answers |
Already Graded A+ | Verified Answers | Just
Released
What is the response to theft of confidential information without staff
involvement? ---------CORRECT ANSWER-----------------Immediately change UserIDs
and passwords of affected individuals pending investigation.
What type of media theft is specifically mentioned in the notes? ---------CORRECT
ANSWER-----------------Theft of media containing confidential information, such as
back-up tapes, hard-drives, CDs, DVDs, and paper reports.
What should be done if media containing confidential information is stolen? -------
--CORRECT ANSWER-----------------Change any UserIDs or global type passwords
that could have been compromised.
What should be done to ensure compliance after a breach? ---------CORRECT
ANSWER-----------------Review and update policies and procedures that are found
lacking.
,What is the consequence of a breach for responsible employees? ---------CORRECT
ANSWER-----------------They may face disciplinary actions, including termination of
employment.
What should be done if there is a physical loss of data? ---------CORRECT ANSWER-
----------------Conduct an inventory check to assess the physical loss.
What is the importance of investigating hardware or software changes after a
breach? ---------CORRECT ANSWER-----------------To prevent a recurrence of the
breach.
What should be done if proprietary information is compromised in a breach? ------
---CORRECT ANSWER-----------------Initiate steps to minimize damage and recover
informational integrity, including potential legal actions.
What should be assessed to harden against DDoS attacks? ---------CORRECT
ANSWER-----------------Evaluate newer equipment/software, check for viruses,
assess training needs for network engineers, and consider simulating attacks.
What is the first step when unencrypted account data is found during support? ---
------CORRECT ANSWER-----------------Determine the source of the unencrypted
data and log the issue as an 'Urgent' security issue in the Project Tracking System.
, What actions should be taken if unencrypted data is visible to an end-user? --------
-CORRECT ANSWER-----------------Follow breach instructions and determine what
information has been disclosed.
What should be done if unencrypted data is not visible to an end-user? ---------
CORRECT ANSWER-----------------Prepare a delete operation to remove the data
from the database.
What is a key component of the incident response for unencrypted data? ---------
CORRECT ANSWER-----------------Create an Incident Response Report detailing the
extent of data storage.
What should the development team be reminded of to prevent unencrypted data
issues? ---------CORRECT ANSWER-----------------The need to utilize sensitive data
flags.
What is the response to discovering an unauthorized wireless access point? --------
-CORRECT ANSWER-----------------Find and remove the unauthorized device from
the network and check access logs.
