CompTIA Security+ Operations and Incident Response Quiz 1

What is the first step in the incident response process?
A) Containment
B) Eradication
C) Identification
D) Recovery

Which log type is used to track access and actions taken on systems?
A) System log
B) Access log
C) Application log
D) Audit log

What is a playbook in the context of incident response?
A) A list of employees
B) A pre-defined set of instructions for handling incidents
C) A log of daily tasks
D) A network map

Which tool captures and analyzes network traffic to identify malicious activity?
A) SIEM
B) IDS
C) Firewall
D) Router

What is the purpose of root cause analysis in incident response?
A) To prevent future incidents
B) To document an incident
C) To deploy firewalls
D) To identify log sources

Which technique is used to return compromised systems to their original state?
A) Restoration
B) Containment
C) Remediation
D) Patch Management

Which of the following is an example of a security incident?
A) Routine software update
B) Unauthorized access to sensitive data
C) Scheduled maintenance
D) Installing antivirus software

What is the role of a security information and event management (SIEM) system?
A) To encrypt data
B) To monitor and analyze security events in real-time
C) To manage network devices
D) To configure firewalls

Which type of analysis identifies patterns of abnormal activity?
A) Forensic Analysis
B) Behavioral Analysis
C) Vulnerability Analysis
D) Statistical Analysis

Which of these is the final step in an incident response process?
A) Containment
B) Recovery
C) Eradication
D) Lessons Learned

Our CompTIA practice questions are made to look and feel like the real exam, so students can feel ready when test day comes. Each question covers real-life project management ideas, which helps learners understand and remember important topics. By focusing on key points and tricky areas, these questions help students build confidence and know how prepared they are. This way, users aren't just practicing—they're really learning what they need to do well on the exam.
