A security analyst has just received an incident ticket regarding a ransomware attack. Which of the following would most likely help an analyst properly triage the ticket?
Aplaybookprovides astep-by-stepguide for handling specific types of incidents like ransomware, making it invaluable during triage. It outlines predefined procedures, aiding consistent and fast decision-making.
The incident response plan (A) provides high-level structure.
Lessons learned (B) applyafterthe incident.
Tabletop exercises (D) are training tools, not live guides.
????Reference: Chapple & Seidl, CySA+ Practice Tests, Incident Response, Chapter 3 – Playbooks and Procedures.
????Objective: 3.1 - Apply incident response procedures based on an incident classification.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit