Exam 350-201 topic 1 question 115 discussion

Actual exam question from Cisco's 350-201
Question #: 115
Topic #: 1

A SOC analyst detected a ransomware outbreak in the organization coming from a malicious email attachment. Affected parties are notified, and the incident response team is assigned to the case. According to the NIST incident response handbook, what is the next step in handling the incident?

  • A. Create a follow-up report based on the incident documentation.
  • B. Perform a vulnerability assessment to find existing vulnerabilities.
  • C. Eradicate malicious software from the infected machines.
  • D. Collect evidence and maintain a chain-of-custody during further analysis.
Suggested Answer: D

Comments

TrainingTeam
6 months, 2 weeks ago
Selected Answer: C
According to the NIST incident response handbook, after detecting a ransomware outbreak and notifying the affected parties, the next step is to eradicate the malicious software from the infected machines. This involves removing the ransomware and any associated malware to prevent further encryption or spread of the infection.
upvoted 1 times