Cisco
350-201(NEW-127Q) · Question #62
350-201(NEW-127Q) Question #62: Real Exam Question with Answer & Explanation
Sign in or unlock 350-201(NEW-127Q) to reveal the answer and full explanation for question #62. The question stem and answer options stay visible for context.
Incident Response and Management
Question
The engineer discovered a security breach, and upon further analysis, discovered a malware presence on several assets. According to the incident response workflow, which steps should be taken to contain the threat?
Options
- ADetermine where the breach started, stop the spread, and devise a plan to prevent it from reoccurring.
- BIdentify malware and assets affected, clean the malware, and maintain a constructive report
- CIdentify the types of backups in place and discuss the backup and restoration plan with management.
- DDetermine if the affected assets were patched recently and which patches were applied.
Unlock 350-201(NEW-127Q) to see the answer
You've previewed enough free 350-201(NEW-127Q) questions. Unlock 350-201(NEW-127Q) for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Incident Response#Containment Phase#Threat Mitigation#Breach Investigation