Which of these would NOT be DIRECT a benefit of planning for incident response?

Question 1 options:

a)	Being the victim of less incidents
b)	Preventing many incidents from spreading
c)	Detecting an incident more quickly
d)	Resolving an incident faster
e)	Getting a larger cybersecurity staff

Question 2 (4 points)

Please explain to me the challenges related to staffing an incident response team for an average organization. Is this easy or complex? Please explain why.

Question 2 options:

Question 3 (2 points)

In which phase of the NIST incident response lifecycle would we analyze the response process for a past incident?

Question 3 options:

a)	Lessons Learned
b)	Preparation
c)	Containment, Eradication & Recovery
d)	Detection & Analysis
e)	Post-Incident Activity

Question 4 (2 points)

Contoso Food is an online grocery that lets clients order groceries over the internet. Considering their business model, what security approach should they focus on to better protect themselves? Select the best answer.

Question 4 options:

a)	Reactive security
b)	Proactive security
c)	Operational security
d)	Any of them since the 3 security approaches provide similar protection value
e)	They should pick and choose practices from each of these approaches

Question 5 (2 points)

Identify which of the 3 statements below are events. Select the best answer.

Question 5 options:

a)	John opens a session to a server
b)	A packet is received by the network interface of Mohammed's laptop
c)	Alicia submits her work credentials to a malicious phishing website
d)	a) and b) are events
e)	a), b) and c) are events

Question 6 (2 points)

Contoso Corp manufactures Gizmos at their Montreal facility. Manufacturing these Gizmos requires custom machines that only exist there. They are worried about disruptions that might prevent them to deliver a constant supply of Gizmos that are essential for their clients. From the following list of plans, tell me which one should be an immediate priority for them.

Question 6 options:

a)	Crisis Communication Plan
b)	Information System Contingency Plan
c)	Cyber Incident Response Plan
d)	Business Continuity Plan
e)	Disaster Recovery Plan

Question 7 (2 points)

Which of these countries would likely represent the biggest threat to organizations investing in research and development?

Question 7 options:

a)	China
b)	Russia
c)	Iran
d)	North Korea
e)	None of these nations distinguishes themselves from the rest

Question 8 (2 points)

Identify which of the 3 statements below are incidents. Select the best answer.

Question 8 options:

a)	A vulnerable web form is being abused by a SQL injection attack
b)	Karen shops for Christmas gifts on her work laptop while she is at work instead of doing her job
c)	Andrew works at the Canada Revenue Agency and decides to check the tax report of his neighbor
d)	a),b) and c) are all incidents
e)	We don't have enough information to evaluate if a),b) and c) are incidents

Question 9 (2 points)

ALL organizations must ALWAYS be cyber resilient.

Question 9 options:

a)	True
b)	False

Question 10 (2 points)

Which incident response team member would provide independent oversight?

Question 10 options:

a)	IT auditor
b)	Management
c)	IT
d)	Team lead
e)	Legal