In which step of the NIST incident response process does the CSIRT perform an analysis to determine which networks, systems, or applications are affected; who or what originated the incident; and how the incident is occurring?

In which step of the NIST incident response process does the CSIRT perform an analysis to determine which networks, systems, or applications are affected; who or what originated the incident; and how the incident is occurring?

• incident notification
• scoping
• attacker identification
• detection

Explanation: In the detection and analysis phase of the NIST incident response process life cycle, the CSIRT should immediately perform an initial analysis to determine the scope of the incident, such as which networks, systems, or applications are affected; who or what originated the incident; and how the incident is occurring.

Exam with this question: CCNA SECOPS 210-255 Dumps – Certification Practice Exam Answers
Exam with this question: Modules 26 - 28: Analyzing Security Data Group Exam
Exam with this question: Checkpoint Exam: Incident Response Answers
Exam with this question: Cyber Threat Management: My Knowledge Check Answers