The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?
A) Updating the playbooks with better decision points
B) Dividing the network into trusted and untrusted zones
C) Providing additional end-user training on acceptable use
D) Implementing manual quarantining of infected hosts
Correct Answer:
Verified
Q70: A security analyst has received an alert
Q71: A company recently moved sensitive videos between
Q72: A vulnerability assessment report will include the
Q73: A user received an SMS on a
Q74: An enterprise has hired an outside security
Q76: A security incident may have occurred on
Q77: Which of the following will provide the
Q78: A user recently entered a username and
Q79: A local coffee shop runs a small
Q80: Which of the following is a team
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents