Which option is unnecessary for determining the appropriate containment strategy according to NIST.SP800-61 r2?

Which option is unnecessary for determining the appropriate containment strategy according to NIST.SP800-61 r2?
A. effectiveness of the strategy
B. time and resource needed to implement the strategy
C. need for evidence preservation
D. attack vector used to compromise the system

cisco-exams

One thought on “Which option is unnecessary for determining the appropriate containment strategy according to NIST.SP800-61 r2?

  1. D is correct
    https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

    Criteria for determining the appropriate strategy include:
     Potential damage to and theft of resources
     Need for evidence preservation
     Service availability (e.g., network connectivity, services provided to external parties)
     Time and resources needed to implement the strategy
     Effectiveness of the strategy (e.g., partial containment, full containment)
     Duration of the solution (e.g., emergency workaround to be removed in four hours, temporary
    workaround to be removed in two weeks, permanent solution).

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.