nerdexam
ExamsCERTIFIED-IN-CYBERSECURITYQuestions#368
(ISC)2(ISC)2

CERTIFIED-IN-CYBERSECURITY · Question #368

CERTIFIED-IN-CYBERSECURITY Question #368: Real Exam Question with Answer & Explanation

The correct answer is B: Recovery. During the recovery phase, affected systems are restored to normal operations, and long-term fixes are implemented to prevent similar incidents from occurring in the future. This phase also includes updating and improving security measures based on lessons learned from the incide

Business Continuity (BC), Disaster Recovery (DR) & Incident Response (IR) Concepts

Question

During which phase of the incident response process would be most appropriate to implement long-term fixes to prevent similar incidents in the future?

Options

  • AAnalysis
  • BRecovery
  • CDetection
  • DMitigation

Explanation

During the recovery phase, affected systems are restored to normal operations, and long-term fixes are implemented to prevent similar incidents from occurring in the future. This phase also includes updating and improving security measures based on lessons learned from the incident (see ISC2 Study Guide, Module 1, under Incident Response Team). The detection, analysis, and mitigation phases are all important steps in the incident response process, but they are not the appropriate time to implement long-term fixes. Long-term fixes should be implemented during the recovery phase to ensure the incident does not reoccur.

Topics

#Incident Response#Recovery Phase#Preventative Measures

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CERTIFIED-IN-CYBERSECURITY PracticeBrowse All CERTIFIED-IN-CYBERSECURITY Questions