Tabletop Interview.docx
Tabletop Interview
Resource covering IR titled 'Tabletop Interview'.
This page contains AI generated content. Errors or omissions may be present. Use human level critical thinking.
-
Q: What is the first question asked in the pre-tabletop interview?A: Who will be participating in the TableTop exercise? Legal? HR? Data Owners?
-
Q: What staffing question is asked?A: Current Size of your IR Team? Dedicated or Surge?
-
Q: What policy question is asked regarding authorization?A: Does your policy provide authorization to pull systems offline?
-
Q: What technical capabilities are queried?A: Centralized logging/SIEM, Network IDS, Packet Capture, Host IDS.
-
Q: What endpoint question is asked?A: Any endpoint forensic agent in place? what tools are currently being used?
-
Q: What external factors are considered?A: Externally facing web servers? Third party service providers? Cloud service providers?
-
Q: What user access questions are asked?A: Do users VPN? Prevalence and Policy concerning Mobile Devices, BYOD? Dual Factor Authentication?
Ask a question
Have a doubt or need clarification?
I’m here to help. Share your question, and I’ll get back to you with the guidance you need regarding the course.
Thank you!
I have received your message and I shall get back to you shortly.