Which information must be left out of a final incident report?
A. server hardware configurations
B. exploit or vulnerability used
C. impact and/or the financial loss
D. how the incident was detected
Which information must be left out of a final incident report?
Definitely the answer is A
The user’s name, user ID, and contact information (e.g., phone number, email address)
The workstation’s location, model number, serial number, hostname, and IP address
The date and time that the incident occurred
A step-by-step explanation of what happened, including what was done to the workstation after the infection was discovered. This explanation should be detailed, including the exact wording of messages, such as those displayed by the malware or by antivirus software alerts.
Correct Answer = A
Why do you need hardware info?
answer is A
I agree A
answer must be B what do you think?
wouldnt upper management want to know how they were compromised? If a company has to report to external sources depending on the severity of the impact (ie law enforcement needing to be notified) they probably would not want to include their hardware configurations
agree A is the answer