PrepAway - Latest Free Exam Questions & Answers

which of the following phases of the Incident Response …

During which of the following phases of the Incident Response process should a security administrator define
and implement general defense against malware?

PrepAway - Latest Free Exam Questions & Answers

A.
Lessons Learned

B.
Preparation

C.
Eradication

D.
Identification

Explanation:
Incident response procedures involve: Preparation; Incident identification; Escalation and notification; Mitigation
steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation
(Quarantine; Device removal); Data breach; Damage and loss control. It is important to stop malware before it
ever gets hold of a system –thus, you should know which malware is out there and take defensive measures –
this means preparation to guard against malware infection should be done.


Leave a Reply