Skip to Content
Home Incident Response & Reporting Incident Response & Reporting

Incident Response & Reporting

0 %

Completed

Course content

Incident Response & Reporting

10 XP
Prev Next
Fullscreen Share
Rating
0 0

There are no comments for now.

Join this Course
to be the first to leave a comment.

1. A consultant accidentally sends a spreadsheet containing client contact information to the wrong external recipient. What should they do FIRST?
Delete the sent email and take no further action Wait to see whether the recipient notices Report the incident immediately using approved procedures Ask the recipient to ignore the email and avoid escalation
2. Which of the following BEST describes a security incident?
Any event that may compromise confidentiality, integrity, or availability Only malware infections Only deliberate cyber attacks Planned software maintenance activities
3. Why is rapid incident reporting important?
It helps reduce impact and supports containment efforts It guarantees no investigation will occur It removes the need for password resets It prevents incidents from being documented
4. Which action should employees AVOID during a suspected incident?
Reporting concerns promptly Preserving evidence where possible Following incident response procedures Attempting unauthorised remediation without guidance
5. Which of the following is an example of a personal data breach?
Locking your workstation Completing security training Updating antivirus software Sending sensitive information to the wrong recipient
6. You accidentally approved an MFA request you did not initiate. What should you do?
Ignore it unless systems stop working Report the incident immediately Restart your device and continue working Wait until the next working day to mention it
7. Why should employees preserve evidence during incidents?
To support investigations and response activities To avoid involving IT teams To prevent passwords expiring To improve internet performance
8. Which of the following should ALWAYS be reported?
Suspicious emails Lost company devices Suspected unauthorised access All of the above
9. What is the BEST response if you are unsure whether something qualifies as a security incident?
Ignore it unless someone complains Report it or seek guidance appropriately Attempt to investigate independently Discuss it publicly with colleagues first
10. Which of the following is an example of poor incident handling?
Following escalation procedures Reporting incidents promptly Discussing confidential incident details publicly Cooperating with investigations
11. Why are phishing incidents particularly dangerous?
They only affect email systems They automatically disable antivirus software They cannot impact client environments They may lead to credential theft or unauthorised access
12. Which of the following is a physical security incident?
Tailgating into a restricted area Password rotation enforcement VPN configuration updates Scheduled backups
13. What should employees do if a company laptop containing sensitive information is lost?
Wait to see whether it is recovered Report the loss immediately Replace the device privately Continue working without reporting it
14. Which statement about incident response is correct?
Only IT staff are responsible for identifying incidents Employees should avoid reporting incidents caused accidentally All employees have responsibilities during incident response Minor incidents never need reporting
15. Why should incident details be controlled carefully?
To prevent incidents being documented To reduce audit requirements To avoid unnecessary disclosure and protect investigations To avoid informing management teams
16. Which of the following BEST demonstrates good incident response behaviour?
Attempting fixes independently before informing anyone Delaying reports until more evidence is available personally Discussing incidents informally in public channels Reporting concerns immediately and following guidance
17. What is the primary goal of incident containment?
To avoid investigations To prevent further damage or spread To restore deleted files immediately To eliminate reporting requirements
18. Which of the following may happen if incidents are not reported promptly?
Increased operational and regulatory risk Automatic resolution without impact Reduced need for investigation Improved client trust automatically
19. Why is a “no blame” reporting culture important?
It removes accountability entirely It prevents investigations from taking place It encourages employees to report incidents quickly and honestly It guarantees no disciplinary action will ever occur
20. What is the BEST overall approach to incident response?
Delay reporting until all facts are confirmed personally Report incidents promptly, follow procedures, and seek guidance when needed Attempt to resolve incidents independently without escalation Avoid documenting incidents unless requested