Which of the following best describes the purpose of the detection and investigation portion of the incident response plan?
A. To describe the steps that need to be taken to prevent the incident from spreading
B. To establish processes and knowledge base to accurately detect and assess precursors and indicators
C. To describe incident declaration and notification
D. To describe the steps to eliminate the components of the incident
Answer: B
Explanation: The detection and investigation portion of the incident response plan includes the processes and knowledge base to accurately detect and assess precursors and indications of an incident.
You might also like to view...
________ are lines used to connect the label to the slice of pie
Fill in the blank(s) with correct word
Suppose you design a computer called the Big Looper 2000 that will never be used to call procedures and that will automatically jump back to the beginning of memory when it reaches the end. Do you need a program counter? Justify your answer.
What will be an ideal response?