Incident Response Life Cycle Quiz

Regularly testing incident response plans

Identifying, containing, eradicating, and recovering from security incidents

Developing incident management plans

Creating effective communication channels

Federal Bureau of Investigation (FBI)

Department of Homeland Security (DHS)

National Institute of Standards and Technology (NIST)

Central Intelligence Agency (CIA)

Detection and analysis

Preparation

Containment

Post-event activity

Perform a postmortem of the incident

Create incident management plans

Identify the nature of the attack and its impact on systems

Restore systems to their pre-incident state

Restore systems to their pre-incident state

Perform a postmortem of the incident

Develop incident security protocols

Prevent the spread of malware or viruses

Detection and analysis

Preparation

Eradication

Post-event activity

Detection and analysis

Containment

Preparation

Post-event activity

Identify and train incident handlers, create effective communication channels, maintain logs, regularly test the incident response plan

Prepare for incidents, contain security breaches, analyze data, detect malware

Develop incident management plans, perform post-event activities, eradicate malware, recover systems

Update security policies, introduce new technologies, create incident security protocols, restore data

Perform a postmortem of the incident

Restore systems to their pre-incident state

Identify the source of an attack

Create an incident management plan to detect incidents

Perform a postmortem of the incident

Restore systems to their pre-incident state

Prevent the spread of malware or viruses

Collect and analyze data to identify the source of an attack