Which step in the incident response process researches an attacking host through logs in a SIEM?
A. detection and analysis
B. preparation
C. eradication
D. containment
Answer: A
Explanation:
In the incident response process, the detection and analysis step involves researching an attacking host through logs in a Security Information and Event Management (SIEM) system. This step helps identify, validate, and manage potential security incidents.
Reference: Cisco CyberOps Associate – Module 3: Security Monitoring