What is the next phase of this investigation?

An analyst received a ticket regarding a degraded processing capability for one of the HR department’s servers. On the same day, an engineer noticed a disabled antivirus software and was not able to determine when or why it occurred.
According to the NIST Incident Handling Guide, what is the next phase of this investigation?
A. Recovery
B. Detection
C. Eradication
D. Analysis

cisco-exams

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.