Which of the following best describes the activities within the detection and investigation portion of the incident response plan?
A. Incident declaration, internal notification, and activation of an incident response team
B. Steps taken to prevent the incident from spreading
C. Establishing processes and a knowledge base to accurately detect and assess precursors and indicators
D. Elimination of components of the incident
Answer: C
Explanation: The detection and investigation portion of the incident response plan includes establishing processes and a knowledge base to accurately detect and assess precursors and indicators. Incident declaration, internal notification, and activation of an incident response team is part of an initial response. Containment includes the steps taken to prevent the incident from spreading. Eradication and recovery includes the elimination of components of the incident.
You might also like to view...
Match the following JavaScript terms to the descriptions
I. Arguments A. First line of a function that provides its name II. Signature B. Setting aside named memory space for a data element III. Declaration C. An interactive element displayed on a Web page. IV. Control Object D. A JavaScript keyword that refers to the current object V. This E. Another name for function parameters
To rearrange tiles on the Start screen, you can snap the tiles into place
Indicate whether the statement is true or false