During which of the following phases of the Incident Response process should a security
administrator define and implement general defense against malware?

During which of the following phases of the Incident Response process should a security
administrator define and implement general defense against malware?

The Chief Technical Officer (CTO) has tasked The Computer Emergency Response Team (CERT)
to develop and update all Internal Operating Procedures and Standard Operating Procedures
documentation in order to successfully respond to future incidents. Which of the following stages
of the Incident Handling process is the team working on?

The helpdesk reports increased calls from clients reporting spikes in malware infections on their
systems. Which of the following phases of incident response is MOST appropriate as a FIRST
response?

The helpdesk reports increased calls from clients reporting spikes in malware infections on their
systems. Which of the following phases of incident response is MOST appropriate as a FIRST
response?

Who should be contacted FIRST in the event of a security breach?

Who should be contacted FIRST in the event of a security breach?

In which of the following steps of incident response does a team analyse the incident and
determine steps to prevent a future occurrence?

After a recent security breach, the network administrator has been tasked to update and backup
all router and switch configurations. The security administrator has been tasked to enforce stricter
security policies. All users were forced to undergo additional user awareness training. All of these
actions are due to which of the following types of risk mitigation strategies?

A server dedicated to the storage and processing of sensitive information was compromised with a
rootkit and sensitive data was extracted. Which of the following incident response procedures is
best suited to restore the server?