Foundation of CERT Operations

Pre-Assessment for lecture

1. Your understanding of what Cyber Incident Response is? *

o Assistance to online stores on how to avoid out-of-stocks status.

o Installation of Government Website
o Structured methodology for handling security incidents, breaches, and cyber
threats
o Mandate and responsible to response to cyber-attacks, threats and breaches

2. What phase is DETECTION in NIST IR Lifecycle? *

o Of Course, it’s the FIRST Phase

o I think it's the SECOND Phase
o No Sweat! it's the THIRD Phase
o Fourth Phase is way to go

3. Which among the statements below is a verified cyber incident? *

o When my internet is very slow.

o Transferring multiple video files from USB to my hard drive is slow.
o A person walked-into the cybersecurity office and reported that his computer is
acting weird.
o "Event" went into triaging and flagged as malicious

4. Upon checking her laptop, Ana noticed that her files have an unusual file
extension and found a new file named 'readme.txt.' What malware could have
affected her laptop? *

o Ransomware
o Spyware
o Trojan
o Adware

5. Collection of intermediary compromised systems that are used as a platform for

a DDoS attack *

o Malware
o Honeypot
o Botnet
o Rootkit

6. HTTP Scanning may or may not be a benign activity *

o True
o False
7. A type of cyber-attack targeting and attacking insecure elements of the software
supply chain *

o Supply Chain Attack

o Zero Day Attack
o Business Email Compromise
o Brute Force Attack

8. Considered as the fundamental service a CSIRT should offer *

o Vulnerability Management
o Incident Response
o Reverse Engineering
o Penetration Testing