CCNA Cyber Ops FAQ: Incident Response Teams
Q1. Which of the following are examples of some of the responsibilities of a corporate CSIRT and the policies it helps create? (Select all that apply.)
A. Scanning vendor customer networks
B. Incident classification and handling
C. Information classification and protection
D. Information dissemination
E. Record retention and destruction
Q2. Which of the following is one of the main goals of the CSIRT?
A. To configure the organization’s firewalls
B. To monitor the organization’s IPS devices
C. To minimize and control the damage associated with incidents, provide guidance for mitigation, and work to prevent future incidents
D. To hire security professionals who will be part of the InfoSec team of the organization
Q3. Which of the following are the three metrics, or “scores,” of the Common Vulnerability Scoring System (CVSS)? (Select all that apply.)
A. Baseline score
B. Base score
C. Environmental score
D. Temporal score
Q4. Which of the following is typically a responsibility of a PSIRT?
A. Configure the organization’s firewall
B. Monitor security logs
C. Investigate security incidents in a security operations center (SOC)
D. Disclose vulnerabilities in the organization’s products and services
Q5. Which of the following are core responsibilities of a national CSIRT and CERT?
A. Provide solutions for bug bounties
B. Protect their citizens by providing security vulnerability information, security awareness training, best practices, and other information
C. Provide vulnerability brokering to vendors within a country
D. Create regulations around cybersecurity within the country
Q6. Which of the following is an example of a coordination center?
A. Cisco PSIRT
B. Microsoft MSRC
C. CERT division of the Software Engineering Institute (SEI)
Q7. Which of the following is an example of a managed security offering where incident response experts monitor and respond to security alerts in a security operations center (SOC)?
A. Cisco CloudLock
B. Cisco’s Active Threat Analytics (ATA)
C. Cisco Managed Firepower Service
D. Cisco Jasper
Q8. Which of the following aim to protect their citizens by providing security vulnerability information, security awareness training, best practices, and other information?
A. National CERTs
D. Global CERTs
Q9. Which of the following is the team that handles the investigation, resolution, and disclosure of security vulnerabilities in vendor products and services?
Q10. Which of the following is an example of a coordination center?
C. The CERT/CC division of the Software Engineering Institute (SEI)
D. USIRP from ICASI
Q11. Which of the following is the most widely adopted standard to calculate the severity of a given security vulnerability?
Q12. The CVSS base score defines Exploitability metrics that measure how a vulnerability can be exploited as well as Impact metrics that measure the impact on which of the following? (Choose three.)