The Chief Technical Officer (CTO) has tasked the Computer Emergency Response Team (CERT) to develop
and update all Internal Operating Procedures and Standard Operating Procedures documentation in
order to successfully respond to future incidents. Which of the following stages of the Incident Handling
process is the team working on?

A. Lessons Learned
B. Eradication
C. Recovery
D. Preparation

Explanation:
Incident response procedures involve: Preparation; Incident identification; Escalation and notification;
Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder;
Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. Developing and
updating all internal operating and standard operating procedures documentation to handle future
incidents is preparation.
Incorrect Answers:
A: Lessons learned presumes that the incident has already occurred, whereas developing and updating
procedures for handling future incidents means that the incident has not occurred yet.
B: Eradication assumes that the incident already occurred.
C: Recovery is a phase that happens after the incident has occurred.

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, p. 429