PrepAway - Latest Free Exam Questions & Answers

What are four steps to manage incident response handling?

What are four steps to manage incident response handling? (Choose four.)

A. preparation
B. qualify
C. identification
D. who
E. containment
F. recovery
G. eradication
H. lessons learned

One Comment on “What are four steps to manage incident response handling?”

  1. Concerned Citizen says:

    Cisco official material says “Lessons Learned” is, sometimes, overlooked but it is a valuable step. The same material says step “Containment and Eradication” is sometimes tiered depending on the scope of the incident.
    Also, “Recovery” is an important step because it’s when mitigation is applied. So, according to the official material, the steps for incident response are:

    1. Preparation (important);
    2. Detection and Analysis (important);
    3. Containment and Eradication (can be tiered);
    4. Recovery (important and necessary);
    5. Lessons Learned (overlooked, but very important)

    My alternatives for this question are:
    A C F H

    I noticed that “Containment and Eradication” is just one step in official study material, but in the question they are different alternatives and since we can only choose four alternatives…my choice is “Recovery” rather than “Containment” or “Eradication”.

    For more, search for NIST 800-61, Revision 2 on Google or access (if it is still available) http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

    HTH,
    Concerned Citizen



