What information is gathered by the CSIRT when determining the scope of a security incident?
- the networks, systems, and applications affected by an incident
- the amount of time and resources needed to handle an incident
- the strategies and procedures used for incident containment
- the processes used to preserve evidence
Explanation: The scoping activity performed by the CSIRT after an incident determines which networks, systems, or applications are affected; who or what originated the incident; and how the incident is occurring.
Exam with this question: CCNA Cyber Ops Chapter 13 Exam Answers
Exam with this question: Modules 26 - 28: Analyzing Security Data Group Exam
Please login or Register to submit your answer