Check any website status at: Is Web Down?

Question 25 of 76 from exam 350-201-CBRCOR: Performing CyberOps Using Cisco Security Technologies

Question 25 of 76 from exam 350-201-CBRCOR: Performing CyberOps Using Cisco Security Technologies

Prev Question Next Question

Question

DRAG DROP - Drag and drop the NIST incident response process steps from the left onto the actions that occur in the steps on the right.

Select and Place:

Eradicate

Review and document the breach, and strengthen systems against
future attacks.

Contain

Conduct incident response role training for employees.

Post-Incident Handling

Determine where the breach started and prevent the attack from

spreading.
Recover Determine how the breach was discovered and the areas that were
impacted.
Analyze Eliminate the root cause of the breach and apply updates to the
system.
Prepare Get systems and business operations up and running, and ensure

that the same type of attack does not occur again.

Explanations

Eradicate Contain
Contain Prepare
Post-Incident Handling Recover
Recover Analyze
Analyze Eradicate
Prepare Post-Incident Handling

https://www.securitymetrics.com/blog/6-phases-incident-response-plan

Prev Question Next Question