Multiple Choice
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would BEST to improve the incident response process?
A) Updating the playbook with better decision points
B) Dividing the network into trusted and untrusted zones
C) Providing additional end-user training on acceptable use
D) Implementing manual quarantining of infected hosts
Correct Answer:
Verified
Correct Answer:
Verified
Q43: A security administrator is reviewing the following
Q44: A company is transitioning to a new
Q45: During a security assessment, an organization is
Q46: A SaaS provider decides to offer data
Q47: A network engineer is attempting to design-in
Q49: The risk subcommittee of a corporate board
Q50: Click on the exhibit buttons to view
Q51: The Chief Information Officer (CISO) is concerned
Q52: Staff members are reporting an unusual number
Q53: A security analyst has requested network engineers