Quiz 600-199, Securing Cisco Networks with Threat Detection and Analysis
What are four steps to manage incident response handling?
What does the acronym "CSIRT" stand for?
Which publication from the ISO covers security incident response?
Which action should be performed?
Which action is recommended to prevent an incident from spreading?
What is the most important reason for documenting an incident?
Which three tools should be used for incident response?
In what sequence do the proper eradicate/recovery steps take place?
Which four tools are used during an incident to collect data?
What is the most effective way to save the data on a system for later forensic use?