After an identified security breach, an analyst is tasked to initiate the IR process. Which of the following is the NEXT step the analyst should take?
A. Recovery
B. Identification
C. Preparation
D. Documentation
E. Escalation
After an identified security breach, an analyst is tasked to initiate the IR process. Which of the following is the NEXT step the analyst should take?
A. Recovery
B. Identification
C. Preparation
D. Documentation
E. Escalation
You must be logged in to post a comment.
I think the answer is E, escalation
The steps of an IR:
Preparation
Identification
containment & escalation
Recovery and lesson learned.
The question states that ” after an Identified security breach”. I guess the threat was alreadt identified, thus it has to be escalated which is the next step per the IR steps.
4
1