nerdexam
ExamsCERTIFIED-IN-CYBERSECURITYQuestions#466
(ISC)2(ISC)2

CERTIFIED-IN-CYBERSECURITY · Question #466

CERTIFIED-IN-CYBERSECURITY Question #466: Real Exam Question with Answer & Explanation

The correct answer is B: Retention. Retention. An incident response process is a structured approach to addressing and managing the aftermath of a security breach or cyberattack (the incident). The process is designed to limit damage and reduce recovery time and costs. The components commonly found in an incident r

Business Continuity (BC), Disaster Recovery (DR) & Incident Response (IR) Concepts

Question

Which of the following is NOT a category of the incident response process?

Options

  • AContainment
  • BRetention
  • CPreparation
  • DDetection

Explanation

Retention. An incident response process is a structured approach to addressing and managing the aftermath of a security breach or cyberattack (the incident). The process is designed to limit damage and reduce recovery time and costs. The components commonly found in an incident response plan are (in order): Preparation; Detection and Analysis; Containment, Remediation and Recovery; Post-Incident Activities (see ISC2 Study Guide Chapter 2, Module 1). Therefore, preparation, detection and containment are all integral parts of the incident response process. In cybersecurity, retention often refers to the preservation and storage of data, records, or evidence for a specified period of time, typically for legal reasons. Retention is not a category of the incident response process.

Topics

#Incident Response#Incident Handling#Security Operations#Cybersecurity Fundamentals

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CERTIFIED-IN-CYBERSECURITY PracticeBrowse All CERTIFIED-IN-CYBERSECURITY Questions