(latest update 2023)
WGU C842
- CyberDefense and
CounterMeasures
(EC Council CIH v2)
Verified And Rated
100% Correct!!
WGU C842 – CyberDefense and CounterMeasures (EC Council CIH v2)
Which of the following information security elements ensures that the information is
accessible only to those who are authorized to have access?
A authenticity
B confidentiality
C integrity
D availability – Answer B
Identify the information security element that determines trustworthiness of data or
resources in terms of preventing improper and unauthorized changes.
A integrity
B availability
C authenticity
D non-repudiation – Answer A
John, a security professional working for Xdoc Corporation, is implementing a
security strategy that uses multilayered protection throughout an information system
to help minimize any adverse impact from attacks on organizational assets.
Identify the security strategy John has implemented.
A covert channel
B defense-in-depth
C likelihood analysis
D three-way handshake – Answer B
Identify the security policy that doesn’t keep any restrictions on the usage of system
resources.
A promiscuous policy
B prudent policy
C paranoid policy
D permissive policy – Answer A
Carl is trying to violate the acceptable use of a network and computer use policy.
Under which category of the incident handling criteria does this scenario fall?
A CAT 4
B CAT 2
C CAT 1
D CAT 3 – Answer A
In which of the following stages of incident handling does classification and
prioritization of incidents take place?
A incident recording and assignment
B incident containment
C post-incident activities
D incident triage – Answer D
Which of the following terms reflects an organization’s mid-term and long-term goals
for incident management capabilities?
A IH&R team models
B IH&R mission
C IH&R staffing
D IH&R vision – Answer D
Which of the following terms defines the purpose and scope of the planned incident
handling and response capabilities?
A IH&R mission
B IH&R staffing
C IH&R team models
D IH&R vision – Answer A
Which of the following backup strategies provides daily status of the backup
situation, such as successful, unsuccessful, not run, out of space, etc.?
A security
B guarantee
C data availability
D notifications – Answer D
John is an incident response manager at XYZ Inc. As a part of IH&R policy of his
organization, he signed a contract between the organization and a third-party insurer
to protect organization individuals from different threats and risks.
What is the contract signed by John called?
A escrow agreement
B disclosure agreement
C ROE agreement
D cyber insurance – Answer D
Jason is an incident handler at The Rolls Inc. One day his organization encounters a
massive cyberattack, and he identifies a virus called “XYZ@ZYX” spreading among
the computers in the network (AKA, a level CAT 3 attack).
He has started investigating the issue; however, as an incident handler, within how
much time from detection of such malicious code attacks should he report to the
authorities?
A one week
B one fortnight
C three hours
D one hour – Answer D
Which of the following phases of the computer forensics investigation process
involves acquisition, preservation, and analysis of evidentiary data to identify the
source of a crime and the culprit behind it?
A pre-investigation phase
B investigation phase
C vulnerability assessment phase
D post-investigation phase – Answer B
Which of the following activities is performed by an incident handler during the preinvestigation phase of computer forensics?
A search and seizure
B evidence assessment
C data acquisition
D risk assessment – Answer D
James, an incident responder at Trinity Inc., is investigating a cybercrime. In the
process, he collected the evidence data from the victim systems and started
analyzing the collected data.
Identify the computer forensics investigation phase James is currently in.
A risk assessment phase
B post-investigation phase
C pre-investigation phase
D investigation phase – Answer D
Which of the following terms refers to an organization’s ability to make optimal use of
digital evidence in a limited period of time and with minimal investigation costs?
A expert testimony
B forensic readiness
C data acquisition
D first response – Answer B
Which of the following forensic readiness procedures helps an incident responder in
gathering useful information about the system behavior through file integrity
monitoring?
A host monitoring
B risk assessment
C network monitoring
D evidence assessment – Answer A
Flora is an incident handler at an organization that is implementing forensic
readiness procedures to handle evolving cyber threats. As part of this process, she
decided to use an advanced authentication protocol to secure the organizational
network resources.