Multiple Choice
An engineer discovered a breach, identified the threat's entry point, and removed access. The engineer was able to identify the host, the IP address of the threat actor, and the application the threat actor targeted. What is the next step the engineer should take according to the NIST SP 800-61 Incident handling guide?
A) Recover from the threat.
B) Analyze the threat.
C) Identify lessons learned from the threat.
D) Reduce the probability of similar threats.
Correct Answer:
Verified
Correct Answer:
Verified
Q126: Which principle is being followed when an
Q127: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1178/.jpg" alt=" Refer to the
Q128: What is a sandbox interprocess communication service?<br>A)
Q129: An analyst discovers that a legitimate security
Q130: What are two social engineering techniques? (Choose
Q132: What is an attack surface as compared
Q133: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1178/.jpg" alt=" Refer to the
Q134: Which NIST IR category stakeholder is responsible
Q135: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1178/.jpg" alt=" Refer to the
Q136: A security expert is working on a