PrepAway - Latest Free Exam Questions & Answers

Which of the following Incident handling process phases is responsible for defining rules…?

Which
of the following Incident handling process phases is responsible for defining rules, collaborating
human workforce, creating a back-up plan, and testing the plans for an enterprise?

PrepAway - Latest Free Exam Questions & Answers

A.
Eradication phase

B.
Recovery phase

C.
Containment phase

D.
Preparation phase

E.
Identification phase

Explanation:
The preparation phase of the Incident handling process is responsible for defining
rules, collaborating human workforce, creating a back-up
plan, and testing the plans for an enterprise. Preparation is the phase of the Incident handling, which
involves different processes that are as
follows:
Establishing applicable policies
Building relationships with key players
Building a response kit
Establish communication plan
Creating incident checklists
Performing threat modeling
Building an incident response team
Answer option E is incorrect. The Identification phase of the Incident handling process is the stage at
which the Incident handler evaluates
the critical level of an incident for an enterprise or system. It is an important stage where the
distinction between an event and an incident is
determined, measured and tested.
Answer option C is incorrect. The Containment phase of the Incident handling process is responsible
for supporting and building up the
incident combating process. It ensures the stability of the system and also confirms that the incident
does not get any worse. The
Containment phase includes the process of preventing further contamination of the system or
network, and preserving the evidence of the
contamination.

Answer option A is incorrect. The Eradication phase of the Incident handling process involves the
cleaning-up of the identified harmful
incidents from the system. It includes the analyzing of the information that has been gathered for
determining how the attack was committed.
To prevent the incident from happening again, it is vital to recognize how it was conceded out so
that a prevention technique is applied.
Answer option B is incorrect. The Recovery phase of the Incident handling process is the stage at
which the enterprise or the system is settled
back to its balanced production state. It involves the quality assurance tests and re-evaluation of the
system for the purpose of the system
revival or recovery.


Leave a Reply