ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 281 discussion

Actual exam question from Isaca's CISM
Question #: 281
Topic #: 1
[All CISM Questions]

The PRIMARY goal of the eradication phase in an incident response process is to:

  • A. provide effective triage and containment of the incident.
  • B. remove the threat and restore affected systems.
  • C. maintain a strict chain of custody.
  • D. obtain forensic evidence from the affected system.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by N1co_o at Feb. 19, 2023, 12:47 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
it_expert_cism
Highly Voted 1 year, 10 months ago
b is right Answer Eradication Once you've contained the issue, you need to find and eliminate the root cause of the breach. This means all malware should be securely removed, systems should again be hardened and patched, and updates should be applied
upvoted 8 times
...
Creations
Most Recent 10 months, 3 weeks ago
Threat means about to happen, but the question says incidence response process. which means it has happened and what is our goal when it happens. Our goal will be to contain it and restore, therefore, I will go for A.
upvoted 1 times
...
oluchecpoint
1 year ago
Selected Answer: B
B. remove the threat and restore affected systems. While all the options listed are important aspects of incident response, the eradication phase specifically focuses on eliminating the threat and restoring affected systems to their normal operational state. This phase is crucial for preventing any further damage or reoccurrence of the incident.
upvoted 1 times
...
oluchecpoint
1 year, 5 months ago
B. remove the threat and restore affected systems. While all the options listed are important aspects of incident response, the eradication phase specifically focuses on eliminating the threat and restoring affected systems to their normal operational state. This phase is crucial for preventing any further damage or reoccurrence of the incident.
upvoted 1 times
...
richck102
1 year, 8 months ago
B. remove the threat and restore affected systems.
upvoted 1 times
...
adamshup
1 year, 9 months ago
Selected Answer: B
B Is correct
upvoted 2 times
...
dark_3k03r
1 year, 9 months ago
Selected Answer: B
the correct answer is B since by definition eradication: the complete destruction of something. and the only answer that says something remotely close to that is B.
upvoted 3 times
...
N1co_o
1 year, 11 months ago
Selected Answer: A
A i guess
upvoted 1 times
SilverFox
1 year, 2 months ago
Why are you guessing? Its the wrong answer. Dont submit a vote and comment if you dont know.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel