Joe an employee has reported to Ann a network technician an unusual device plugged into a USB port on a workstation in the call center. Ann unplugs the workstation and brings it to the IT department where an incident is opened. Which of the following should have been done first?
A. Notify the incident response team lead
B. Document chain of custody
C. Take a copy of volatile memory
D. Make an image of the hard drive
Answer: A. Notify the incident response team lead
You might also like to view...
Which of the following terms is used to describe a type of description label that is used within a change management ledger?
A. Change item B. Catalog label C. Configuration item D. Modification item
A stealthy attacker may cover its tracks by deleting log files, or terminating any active direct connections.
Answer the following statement true (T) or false (F)
After all the tables in a database application have been created and their primary keys designated, the tables can be related to one another via their primary keys so that a primary key for one table can be used to extract data from other tables as needed. _________________________
Answer the following statement true (T) or false (F)
If the execution of a program processes large volumes of input collected as groups or sets, the program is said to operate in a(n)
a) batch processing environment b) offline processing environment c) online processing environment d) on-demand processing environment