What is the next step the engineer should take according to the NIST SP 800-61 Incident handling guide?

exams

2 years ago

An engineer discovered a breach, identified the threat’s entry point, and removed access.

The engineer was able to identify the host, the IP address of the threat actor, and the application the threat actor targeted.

What is the next step the engineer should take according to the NIST SP 800-61 Incident handling guide?
A . Recover from the threat.
B. Analyze the threat.
C. Identify lessons learned from the threat.
D. Reduce the probability of similar threats.

Answer: A

Explanation:

Per: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

Latest 200-201 Dumps Valid Version with 154 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 200-201 PDF 200-201 Questions Online Training