In which of the following steps of the incident response lifecycle, the incident team determined to make that decision?

312-40 0 Comments

An organization, PARADIGM PlayStation, moved its infrastructure to a cloud as a security practice. It established an incident response team to monitor the hosted websites for security issues. While examining network access logs using SIEM, the incident response team came across some incidents that suggested that one of their websites was targeted by attackers and they successfully performed an SQL injection attack.

Subsequently, the incident response team made the website and database server offline.

In which of the following steps of the incident response lifecycle, the incident team determined to make that decision?
A . Analysis
B . Containment
C . Coordination and information sharing
D . Post-mortem

Answer: B

Explanation:

The decision to take the website and database server offline falls under the Containment phase of the incident response lifecycle.

Here’s how the process typically unfolds:

Latest 312-40 Dumps Valid Version with 125 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 312-40 PDF     312-40 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments