GCIH Question #304: Real Exam Question with Answer & Explanation

The correct answer is A: Eradication.

Question

You work as an incident handling manager for a company. The company's public relations process includes an event that responds to e-mail queries. For the past few days, however, it has been identified that this process is providing a way for spammers to perform different types of e-mail attacks. Which of the following phases of the incident handling process will now be involved in resolving this process and finding a solution? Each correct answer represents a part of the solution. Choose all that apply.

Options

  • A. Eradication
  • B. Contamination
  • C. Preparation
  • D. Recovery
  • E. Identification

Explanation

Eradication - This phase involves removing the root cause of the incident, in this case eliminating the vulnerabilities or misconfigurations in the email response process that allow spammers to exploit it. It may include blocking malicious email sources, updating filters, or fixing the system to stop the abuse.

Recovery - After eradication, recovery focuses on restoring normal operations of the email system and ensuring that the process no longer allows spam attacks. This includes verifying that the email handling process is functioning correctly and securely.

Identification - This phase is crucial to detect and understand the nature of the email attack, including how spammers are exploiting the email process. Identification helps in classifying the incident and gathering information necessary for containment and eradication.