
CISM - Module 4 - Quiz

The document is a review of an attempt at a quiz about incident management. It shows the learner answered 5 multiple choice questions correctly. The questions covered the primary purpose of incident management is to minimize impact, the importance of an incident response plan, how a SIEM can help investigations by consolidating logs, that incident triage involves prioritizing and assigning incidents, and that chain of custody refers to documenting possession of evidence.

Uploaded by

kemfang steve
Module 4: Quiz: Attempt review | IT Masters Short Courses https://learn.itmasters.edu.au/mod/quiz/review.php?attempt=411604&cmid=3921

State Finished

Time taken 1 min 18 secs

Question 1 (Correct, marked out of 1.00)

What is the PRIMARY purpose of incident management?

Select one:

a. To ensure incidents are never made public.

b. To respond to incidents in a way that minimises impact.

c. To identify who in the organisation is the biggest risk.

d. To gain more funds for the information security team.

1 of 3 28-12-2023, 20:25

Question 2 (Correct, marked out of 1.00)

Which document is considered crucial for effectively managing an incident?

Select one:

a. Information security policy.

b. ISO 22001 compliance certificate.

c. Incident response plan.

d. Staff account password reset procedure.

Question 3 (Correct, marked out of 1.00)

A SIEM system can assist in an incident investigation by:

Select one:

a. Using artificial intelligence to identify an attacker’s identity.

b. By automatically disabling accounts that have been compromised.

c. By reducing storage use by removing logs from source systems.

d. Providing a single location to search a range of log sources during an investigation.


Question 4 (Correct, marked out of 1.00)

Incident triage is BEST described as:

Select one:

a. Documenting the outcome of a post incident review.

b. Identifying the root cause of an incident.

c. Action taken to categorise, prioritise and assign incidents.

d. Reducing the spread and impact of an incident.

Question 5 (Correct, marked out of 1.00)

A chain of custody can BEST be described as:

Select one:

a. Documentation of evidence possession required to ensure evidence remains admissible.

b. The links between evidence collected during an investigation that makes a strong case.

c. The location of evidence found on computer systems that allows investigators to identify a culprit.

d. A chain used to physically secure evidence from theft.
