Incident Response & Forensics Flashcards

(7 cards)

1
Q

What are the steps in the incident response lifecycle?

A

Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned

2
Q

What is chain of custody in forensics?

A

A documented history of evidence handling

3
Q

What is the difference between RTO and RPO?

A

RTO: time to restore, RPO: max data loss time

4
Q

What is the first step of the incident response lifecycle?

A

Preparation

5
Q

Why is maintaining chain of custody important in digital forensics?

A

To ensure evidence integrity in court

6
Q

What metric defines how long a business can tolerate a system outage?

A

RTO (Recovery Time Objective)

7
Q

What should be done after eradicating a threat from a system?

A

Validate system integrity and monitor
