Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of the following steps focus on limiting the scope and extent of an incident?
Incident handling and response steps help you to detect, identify, respond and manage an incident. Which of the following steps focus on limiting the scope and extent of an incident?
The containment step in incident handling and response focuses on limiting the scope and extent of an incident. This involves taking measures to prevent the incident from spreading further and causing more damage, ensuring that it is isolated to a specific area or part of the system while planning and preparing for eradication and recovery.
Correct answer is 'containment'- you are limiting the scope of the incident and not eradicating at this stage.
eradication
it is containment. eradication doesn't limit the scope but ensures the root cause of the incident is eradicated, vulnerabilities patched, and all traces of the malware or whatever it is is removed from the system
Should be containment, for limiting scope.