Docstoc

Incident Response Policy - QUIZ

Document Sample
Incident Response Policy - QUIZ Powered By Docstoc
					                Incident Response Quiz
  The buttons provided will navigate you through
  the quiz. Please click the appropriate buttons or
  images when taking the quiz.

  Do NOT use the keyboard or mouse-wheel to
  navigate the quiz. Use only the buttons provided.

  Good Luck!


Click the button to get started!
               Question 1 of 5
Which of the following is not a reason for
formulating the IT Incident Response
Policy?
  To ensure the secure operation of IT
  Resources
  To protect the data security and privacy of
  students, faculty, and staff
  To ensure IT systems are efficient
  To respond appropriately to IT Incidents.
                  Incorrect

Sorry, that answer is incorrect. Please
 click the back arrow and try again.
                  Correct!
Great Job! You are correct! Click the
arrow to move to the next question.
                 Question 2 of 5
The CIRT (Computer Incident Response Team)
has the right to access which of the following
resources (subject to law and University
policies)?
   System and application logs
   Passive network traffic monitoring
   Active scanning of systems suspected of
   violating university policy, or systems
   exhibiting symptoms of compromise
   All of the above
                  Incorrect

Sorry, that answer is incorrect. Please
 click the back arrow and try again.
                  Correct!
Great Job! You are correct! Click the
arrow to move to the next question.
                Question 3 of 5

If you are uncertain about whether a
particular event satisfies the definition of
an IT Incident, it’s best not to report it.


     True

     False
                  Incorrect

Sorry, that answer is incorrect. Please
 click the back arrow and try again.
                         Correct!
You are correct! If it is unclear as to whether or
not an event constitutes an IT Incident, such an
event should be sent to the CIR for evaluation.
Click the arrow to move to the next question.
                  Question 4 of 5

The person who reports the event should:

   Document relevant information

   Fill out a confidentiality wavier

   Also report the event to Human Resources

   Always notify the authorities
                  Incorrect

Sorry, that answer is incorrect. Please
 click the back arrow and try again.
                              Correct!
Great Job! The person who reports the event, including
complaints relayed on behalf of customers, should
document and report any available relevant information
about the event, including, but not limited to dates, times,
persons/resources involved, and IP addresses.
               Question 5 of 5

IT incidents that are also suspected to be
crime related should be reported to:

  Law Enforcement Agency Only

  CIR Team Only

  Law Enforcement, then CIR Team

  CIR Team, then Law Enforcement
                  Incorrect

Sorry, that answer is incorrect. Please
 click the back arrow and try again.
                   Correct!
Great Job! You are correct! Click the
arrow to move to the final slide.
                   You’re Finished!
Congratulations on finishing the quiz!

If you would like to review this quiz by taking it
again, click “Start Over”

To close this presentation, click the “X” icon


                                  Start
                                  Over

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:6
posted:7/31/2012
language:English
pages:17