Which incidence response step includes identifying all hosts affected by an attack?

– by 1

Which incidence response step includes identifying all hosts affected by an attack?
A. detection and analysis
B. post-incident activity
C. preparation
D. containment, eradication, and recovery

cisco-exams

One thought on “Which incidence response step includes identifying all hosts affected by an attack?

    1. Eradication and Recovery

      “After an incident has been contained, eradication may be necessary to eliminate components of the
      incident, such as deleting malware and disabling breached user accounts, as well as identifying and
      mitigating all vulnerabilities that were exploited. During eradication, it is important to identify all affected
      hosts within the organization so that they can be remediated”
      -NIST.SP.800-61r2. page 46

      2
      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.