Multiple Choice
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?
A) Updating the playbooks with better decision points
B) Dividing the network into trusted and untrusted zones
C) Providing additional end-user training on acceptable use
D) Implementing manual quarantining of infected hosts
Correct Answer:
Verified
Correct Answer:
Verified
Q37: After entering a username and password, an
Q38: An analyst visits an Internet forum looking
Q39: Several employees return to work the day
Q40: A company uses wireless for all laptops
Q41: A company's Chief Information Officer (CIO) is
Q43: A security administrator suspects an employee has
Q44: A financial organization has adopted a new
Q45: A pharmaceutical sales representative logs on to
Q46: A security analyst is looking for a
Q47: A software developer needs to perform code-execution