You are the CISO of your company. You have implemented an incident response program to handle security incidents. The on-premise ERP system gets in trouble and becomes unresponsive. The availability of the ERP system has been harmed. To which of the following should the ERP users report this incident?
A. Service Desk
B. Network Administrator
C. Chief Information Officer (CIO)
D. Computer Security Incident Response Team (CSIRT)

Continue reading →

1. You are the CISO of your company. You have implemented an incident response program to handle security incidents. The on-premise ERP system gets in trouble and becomes unresponsive. The availability of the ERP system has been harmed. To which of the following should the ERP users report this incident?
   A. Service Desk
   B. Network Administrator
   C. Chief Information Officer (CIO)
   D. Computer Security Incident Response Team (CSIRT)
2. You are the CISO of your company. You have implemented an incident response program to handle security incidents. Your online e-commerce web site is suffering distributed denial-of-service (DDoS) attack. The incident response team received a report from users that the e-commerce web site is offline and unreachable. What should the incident response team do first?
   A. Collect and preserve evidence
   B. Report to the senior management
   C. Document and prioritize the incident
   D. Contain, Eradicate, and Recover

Continue reading →