Which actions should be taken at this step in the incident response workflow?

350-201 0 Comments

A payroll administrator noticed unexpected changes within a piece of software and reported the incident to the incident response team.

Which actions should be taken at this step in the incident response workflow?
A . Classify the criticality of the information, research the attacker’s motives, and identify missing patches
B . Determine the damage to the business, extract reports, and save evidence according to a chain of custody
C . Classify the attack vector, understand the scope of the event, and identify the vulnerabilities being exploited
D . Determine the attack surface, evaluate the risks involved, and communicate the incident according to the escalation plan

Answer: B

Latest 350-201 Dumps Valid Version with 139 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 350-201 PDF     350-201 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments