
Final Assessment - Security Incident Management and Forensics HackerRank Solution Fresco Play

Q.1 "All incidents are events but an event is not necessarily an incident". True/False?

1) True

2) False

Ans: 1) True

Q.2 Which of the following pertains to legal evidence found in computers and digital storage media?

1) Monitoring

2) Computer Forensics

3) Security Incident Management

4) Logging

Ans: 2) Computer Forensics

Q.3 Which of the following is primarily used to collect device logs from several different machines in a central location for monitoring and review?

1) Network log

2) SerLog

3) Syslog

Ans: 3) Syslog

Q.4 Which of the following can be considered as information assets?

1) Application Software

2) System Software

3) All of these

4) Corporate Data

5) Client Data

Ans: 3) All of these

Q.5 It is ok if minor alterations occur in the evidence during forensic analysis. True/False?

1) True

2) False

Ans: 2) False

Q.6 What does live forensic acquisition acknowledge?

1) Integrity of the evidence

2) Confidentiality of evidence

3) Volatility of the evidence

Ans: 3) Volatility of the evidence

Q.7 Which of the following are steps in the digital forensic process?

1) Seizure > Acquisition and analysis of digital media > Production of a report

2) Preparation > Detection > Analysis > Containment

Ans: 1) Seizure > Acquisition and analysis of digital media > Production of a report

Q.8 Which of the following are the phases of the incident response process as defined by NIST?

1) Preparation > Detection > Analysis > Containment

2) Detection > Analysis > Containment and Eradication > Post Incident Recovery

3) Detection > Analysis > Containment and Eradication > Recovery

4) Preparation > Detection and Analysis > Containment, Eradication, and Recovery > Post-Incident Activity

Ans: 4) Preparation > Detection and Analysis > Containment, Eradication, and Recovery > Post-Incident Activity

Q.9 Which of the following are useful incident analysis resources?

1) Documentation, network diagrams, critical file hash values

2) Phones and contact information

3) Removable media, forensic software, digital cameras, etc.

Ans: 1) Documentation, network diagrams, critical file hash values

Q.10 Which of the following tricks the user into thinking they are on a real system but in reality is a virtual environment to collect incidents?

1) Sandboxes

2) Honeypot

3) IDS

Ans: 1) Sandboxes
