Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
The first step a system operator should take after detecting a security incident is to:
Identify the source of the security incident by its IP address and launch a counter-attack.
Call the company Computer Incident Response Team (CERT) and report the incident.
Disconnect the system from the network by unplugging the network cable from the network interface card (NIC).
Use the security incident response procedure and start an emergency system shutdown.
See Managing Incident Response in the (ISC)2 CISSP Official Study Guide, Seventh Edition, starting at pages 698.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.