Describe a tabletop exercise scenario for cyber incident response and its objectives.

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Get ready for the Cybersecurity and Digital Forensics Test with comprehensive multiple choice questions, flashcards, and detailed explanations. Enhance your skills and prepare for success in the digital security field!

Multiple Choice

Describe a tabletop exercise scenario for cyber incident response and its objectives.

Explanation:
A tabletop exercise is a discussion-based drill that uses a realistic, hypothetical incident to walk participants through how they would respond, make decisions, and coordinate with each other without triggering any real-world effects. It relies on injects—timed prompts like new alerts, user reports, or external communications—that push the team to decide on actions, communicate, and follow the incident response plan. This option fits best because it describes a scenario that simulates a cyber attack (such as ransomware) and uses injects to stimulate decision points. The objectives highlighted—testing decision-making, testing communication across teams, and ensuring adherence to the incident response plan—align precisely with what a tabletop exercise aims to assess: how well the organization detects, analyzes, communicates, and decides on containment, eradication, and recovery steps in a safe, controlled environment. Other options miss the core purpose. A live-fire drill in production is about physical safety and active, potentially dangerous actions, not a cyber incident tabletop. A software deployment exercise focuses on release processes rather than incident response coordination. A network scanning exercise is a technical activity that tests scanning capability and reconnaissance, not the structured, collaborative decision-making and plan-activation aspects of an incident response tabletop.

A tabletop exercise is a discussion-based drill that uses a realistic, hypothetical incident to walk participants through how they would respond, make decisions, and coordinate with each other without triggering any real-world effects. It relies on injects—timed prompts like new alerts, user reports, or external communications—that push the team to decide on actions, communicate, and follow the incident response plan.

This option fits best because it describes a scenario that simulates a cyber attack (such as ransomware) and uses injects to stimulate decision points. The objectives highlighted—testing decision-making, testing communication across teams, and ensuring adherence to the incident response plan—align precisely with what a tabletop exercise aims to assess: how well the organization detects, analyzes, communicates, and decides on containment, eradication, and recovery steps in a safe, controlled environment.

Other options miss the core purpose. A live-fire drill in production is about physical safety and active, potentially dangerous actions, not a cyber incident tabletop. A software deployment exercise focuses on release processes rather than incident response coordination. A network scanning exercise is a technical activity that tests scanning capability and reconnaissance, not the structured, collaborative decision-making and plan-activation aspects of an incident response tabletop.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy