Which of the following are the primary goals of the incident handling team?
Each correct answer represents a complete solution. (Choose all that apply.)
Which of the following are the primary goals of the incident handling team?
Each correct answer represents a complete solution. (Choose all that apply.)
The primary goals of the incident handling team are to freeze the scene to preserve evidence, prevent any further damage to the systems and data, and inform higher authorities so that the incident is properly escalated and managed. Repairing any damage caused by an incident generally falls under recovery and mitigation responsibilities, which might be handled by a different team, such as system administrators or network administrators, rather than the incident handling team itself.
Incorrect B. Repair any damage caused by an incident. is incorrect.. as incident responders are not sysadmins or netadmins.. it should be A,C,D
An incident handling team could have sysadmins. Part of the IR process is recovery. Therefore, repairing damage caused by an incident is part of the process.