Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
If a hacker breaches a server at an organization, what is the first step the incident response team must take?
Containment
Analysis
Investigation
Triage
Triage is the first stage to be carried out by the incident response team to determine the extent of the damage. ................................................................................................................ CBK June 2015:
CERT/CC at Carnegie Melon University, one of the foremost authorities on incident response and incident handling, depicts the incident handling model as a circular process that feeds back into itself, thus capturing the various dynamics and dependencies of the incident life cycle. The incident response and the handling phase can be broken down further into triage, investigation, containment, and analysis and tracking. Triage Phase: Triage encompasses the detection, identification, and notification sub-phases. Once an incident has been detected, an incident handler is tasked with the initial screening to determine the seriousness of the incident and to filter out false-positives. One of the most timeconsuming aspects of information security can be dealing with falsepositives (events that are incorrectly
page 624
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.