Which of the following would be BEST to improve the incident response process?

SY0-601 0 Comments

The SOC is reviewing process and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. The allowed the malware to spread to additional hosts before it was contained.

Which of the following would be BEST to improve the incident response process?
A . Updating the playbooks with better decision points
B . Dividing the network into trusted and untrusted zones
C . Providing additional end-user training on acceptable use
D . Implementing manual quarantining of infected hosts

Answer: A

Latest SY0-601 Dumps Valid Version with 396 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SY0-601 PDF     SY0-601 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments