An analyst received a ticket regarding a degraded processing capability for one of the HR department’s servers. On the same day, an engineer noticed a disabled antivirus software and was not able to determine when or why it occurred.
According to the NIST Incident Handling Guide, what is the next phase of this investigation?
A . Recovery
B. Detection
C. Eradication
D. Analysis
Answer: B
Explanation:
Reference: https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-61r2.pdf
Latest 200-201 Dumps Valid Version with 154 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund