MEASURES (EC COUNCIL CIH V1) VERIFIED AND RATED
100% CORRECT ANSWERS/A+GRADE TEST BANK
Which of the following information security elements ensures that the information is
accessible only to those who are authorized to have access?
A authenticity
B confidentiality
C integrity
D availability - ANSWER: B
Identify the information security element that determines trustworthiness of data or
resources in terms of preventing improper and unauthorized changes.
A integrity
B availability
C authenticity
D non-repudiation - ANSWER: A
John, a security professional working for Xdoc Corporation, is implementing a
security strategy that uses multilayered protection throughout an information
system to help minimize any adverse impact from attacks on organizational assets.
Identify the security strategy John has implemented.
A covert channel
B defense-in-depth
C likelihood analysis
D three-way handshake - ANSWER: B
Identify the security policy that doesn't keep any restrictions on the usage of system
resources.
A promiscuous policy
B prudent policy
C paranoid policy
D permissive policy - ANSWER: A
Carl is trying to violate the acceptable use of a network and computer use policy.
Under which category of the incident handling criteria does this scenario fall?
A CAT 4
B CAT 2
C CAT 1
D CAT 3 - ANSWER: A
In which of the following stages of incident handling does classification and
prioritization of incidents take place?
A incident recording and assignment
B incident containment
C post-incident activities
D incident triage - ANSWER: D
Which of the following terms reflects an organization's mid-term and long-term goals
for incident management capabilities?
A IH&R team models
B IH&R mission
C IH&R staffing
D IH&R vision - ANSWER: D
Which of the following terms defines the purpose and scope of the planned incident
handling and response capabilities?
A IH&R mission
B IH&R staffing
C IH&R team models
D IH&R vision - ANSWER: A
Which of the following backup strategies provides daily status of the backup
situation, such as successful, unsuccessful, not run, out of space, etc.?
A security
B guarantee
C data availability
D notifications - ANSWER: D
John is an incident response manager at XYZ Inc. As a part of IH&R policy of his
organization, he signed a contract between the organization and a third-party
insurer to protect organization individuals from different threats and risks.
What is the contract signed by John called?
A escrow agreement
B disclosure agreement
C ROE agreement
D cyber insurance - ANSWER: D
Jason is an incident handler at The Rolls Inc. One day his organization encounters a
massive cyberattack, and he identifies a virus called "XYZ@ZYX" spreading among the
computers in the network (AKA, a level CAT 3 attack).
He has started investigating the issue; however, as an incident handler, within how
much time from detection of such malicious code attacks should he report to the
authorities?
A one week
B one fortnight
C three hours
D one hour - ANSWER: D
Which of the following phases of the computer forensics investigation process
involves acquisition, preservation, and analysis of evidentiary data to identify the
source of a crime and the culprit behind it?
A pre-investigation phase
B investigation phase
C vulnerability assessment phase
D post-investigation phase - ANSWER: B
Which of the following activities is performed by an incident handler during the pre-
investigation phase of computer forensics?
A search and seizure
B evidence assessment
C data acquisition
D risk assessment - ANSWER: D
James, an incident responder at Trinity Inc., is investigating a cybercrime. In the
process, he collected the evidence data from the victim systems and started
analyzing the collected data.
Identify the computer forensics investigation phase James is currently in.
A risk assessment phase
B post-investigation phase
C pre-investigation phase
D investigation phase - ANSWER: D
Which of the following terms refers to an organization's ability to make optimal use
of digital evidence in a limited period of time and with minimal investigation costs?
A expert testimony
B forensic readiness
C data acquisition