The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would BEST to improve the incident response process?
A) Updating the playbook with better decision points
B) Dividing the network into trusted and untrusted zones
C) Providing additional end-user training on acceptable use
D) Implementing manual quarantining of infected hosts
Correct Answer:
Verified
Q342: Which of the following attacks can be
Q343: During a recent incident, sensitive data was
Q344: As part of the asset management life
Q345: A large industrial system's smart generator monitors
Q346: An organization is struggling to differentiate threats
Q348: A newly hired Chief Information Security Officer
Q349: A systems administrator has deployed the latest
Q350: A security architect has designated that a
Q351: A Chief Information Security Officer (CISO) is
Q352: A cybersecurity consulting company supports a diverse
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents