In which of the following steps of the incident response lifecycle, the incident team determined to make that decision?
An organization, PARADIGM PlayStation, moved its infrastructure to a cloud as a security practice. It established an incident response team to monitor the hosted websites for security issues. While examining network access logs using SIEM, the incident response team came across some incidents that suggested that one of their websites was targeted by attackers and they successfully performed an SQL injection attack.
Subsequently, the incident response team made the website and database server offline.
In which of the following steps of the incident response lifecycle, the incident team determined to make that decision?
A . Analysis
B . Containment
C . Coordination and information sharing
D . Post-mortem
Answer: B
Explanation:
The decision to take the website and database server offline falls under the Containment phase of the incident response lifecycle.
Here’s how the process typically unfolds:
Latest 312-40 Dumps Valid Version with 125 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund