Solved

An Engineer Discovered a Breach, Identified the Threat's Entry Point

Question 141

Multiple Choice

An engineer discovered a breach, identified the threat's entry point, and removed access. The engineer was able to identify the host, the IP address of the threat actor, and the application the threat actor targeted. What is the next step the engineer should take according to the NIST SP 800-61 Incident handling guide?


A) Recover from the threat.
B) Analyze the threat.
C) Identify lessons learned from the threat.
D) Reduce the probability of similar threats.

Correct Answer:

verifed

Verified

Unlock this answer now
Get Access to more Verified Answers free of charge

Related Questions

Q131: Which security technology guarantees the integrity and

Q132: Which filter allows an engineer to filter

Q133: An engineer needs to have visibility on

Q134: An engineer is investigating a case of

Q135: Refer to the</p></div><svg width=

Q136: Refer to the</p></div><svg width=

Q137: Which technology should be used to implement

Q138: Which action should be taken if the

Q139: Which security monitoring data type requires the

Q140: An engineer needs to fetch logs from

Unlock this Answer For Free Now!

View this answer and more for free by performing one of the following actions

qr-code

Scan the QR code to install the App and get 2 free unlocks

upload documents

Unlock quizzes for free by uploading documents