During which step of the incident response process would you be tasked with building the team, identifying roles, and testing the communication system?
The correct answer is C, Preparation. In the incident response lifecycle, preparation is the stage performed before an actual incident occurs. This phase focuses on making the organization ready to respond effectively by creating the incident response plan, forming the incident response team, assigning roles and responsibilities, defining escalation paths, and testing communication procedures. CEH incident management material lists “Preparation for Incident Response” as the first incident response process before detection, classification, notification, containment, investigation, eradication, recovery, and post-incident activities. It also emphasizes setting up an incident response team, identifying the people who should be contacted during an intrusion, and defining lines of communication. Containment occurs after an incident is detected and aims to limit damage. Notification involves informing affected users or stakeholders. Recovery restores affected systems to normal operation. Since building the team and testing communication happen before an incident, the correct phase is Preparation.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit