Which of the following is the final step Todd should take?

Todd is a security administrator, who is responsible for responding to incidents. There has been a
virus outbreak. Which of the following is the final step Todd should take?

Todd is a security administrator, who is responsible for responding to incidents. There has been a
virus outbreak. Which of the following is the final step Todd should take?

A.
Eradication

B.
Recovery

C.
AAR

D.
Containment

Explanation:
An after action review is the last phase. At this point it is important to evaluate how the breach occurred and learn from those mistakes.

Answer option A is incorrect. Eradication is actually an early stage, immediately after containment.

Answer option D is incorrect. Containment is the first thing you do once you are aware of the attack.

Answer option B is incorrect. Recovery is actually the next to the last thing to do. That step occurs once the virus is eradicated, but before you do the after action review.



Leave a Reply 0

Your email address will not be published. Required fields are marked *