You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of
your enterprise. The networking, to be done in the new extension, requires different types of cables
and an appropriate policy that will be decided by you. Which of the following stages in the Incident
handling process involves your decision making?
A.
Preparation
B.
Eradication
C.
Identification
D.
Containment
Explanation:
The preparation phase of the Incident handling process is responsible for defining rules,
collaborating human workforce, creating a back-up plan, and testing the plans for an enterprise.
Preparation is the phase of the Incident handling, which involves different processes that are as
follows:
Establishing applicable policiesBuilding relationships with key players
Building a response kit
Establish communication plan
Creating incident checklists
Performing threat modeling
Building an incident response team
Answer option C is incorrect. The Identification phase of the Incident handling process is the stage at
which the Incident handler evaluates the critical level of an incident for an enterprise or system. It is
an important stage where the distinction between an event and an incident is determined,
measured and tested.
Answer option D is incorrect. The Containment phase of the Incident handling process is responsible
for supporting and building up the incident combating process. It ensures the stability of the system
and also confirms that the incident does not get any worse. The Containment phase includes the
process of preventing further contamination of the system or network, and preserving the evidence
of the contamination.
Answer option B is incorrect. The Eradication phase of the Incident handling process involves the
cleaning-up of the identified harmful incidents from the system. It includes the analyzing of the
information that has been gathered for determining how the attack was committed.
To prevent the incident from happening again, it is vital to recognize how it was conceded out so
that a prevention technique is applied.
http://www.giac.org/resources/whitepaper/network/17.php