ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 216 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 216
Topic #: 1
[All 312-50v11 Questions]

Attacker Lauren has gained the credentials of an organization's internal server system, and she was often logging in during irregular times to monitor the network activities. The organization was skeptical about the login times and appointed security professional Robert to determine the issue. Robert analyzed the compromised device to find incident details such as the type of attack, its severity, target, impact, method of propagation, and vulnerabilities exploited.
What is the incident handling and response (IH&R) phase, in which Robert has determined these issues?

  • A. Incident triage
  • B. Preparation
  • C. Incident recording and assignment
  • D. Eradication
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ANDRESCB1988 at July 23, 2021, 6:23 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Cokamaniako
1 year, 3 months ago
Answer C Step 3: Incident Triage In this phase, the identified security incidents are analyzed, validated, categorized, and prioritized. The IH&R team further analyzes the compromised device to find incident details such as the type of attack, its severity, target, impact, and method of propagation, and any vulnerabilities it exploited.
upvoted 1 times
Vincent_Lu
7 months ago
According to the description provided, the work conducted by Robert is related to the "Incident Recording and Assignment" and "Incident Triage" steps. In these steps, Robert analyzed the affected devices and identified the type, severity, target, impact, propagation methods, and exploited vulnerabilities of the incident. Therefore, these tasks belong to the "Incident Triage" phase.
upvoted 1 times
...
...
Daniel8660
1 year, 6 months ago
Selected Answer: A
Incident Handling and Response Incident handling and response (IH&R) is the process of taking organized and careful steps when reacting to a security incident or cyberattack. Steps involved in the IH&R process: 3.Incident Triage - The IH&R team further analyzes the compromised device to find incident details such as the type of attack, its severity, target, impact, and method of propagation, and any vulnerabilities it exploited. (P.84/68)
upvoted 4 times
...
MMtc
1 year, 10 months ago
1-Preparation 2- Incident Recording and Assignment 3- Incident Triage 4- Notification 5- Containment 6- Evidence Gathering and Forensic Analysis
upvoted 3 times
...
Silascarter
2 years, 7 months ago
Correct. Triage is the first post-detection incident response process any responder will execute to open an incident or false positive.
upvoted 3 times
...
ANDRESCB1988
2 years, 9 months ago
correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago