A security team conducts a lessons-learned meeting after struggling to determine who should conduct the next steps following a security event. Which of the following should the team create to address this issue?
An incident response plan (IRP) is a document that defines the roles and responsibilities, procedures, and guidelines for responding to a security incident. It helps the security team to act quickly and effectively, minimizing the impact and cost of the incident. An IRP should specify who should conduct the next steps following a security event, such as containment, eradication, recovery, and analysis12. Reference: CompTIA CySA+ CS0-003 Certification Study Guide, page 362; 6 Incident Response Steps to Take After a Security Event, section 2.
Rebbecca
6 months agoHerminia
7 months agoBrandon
7 months agoRebbecca
7 months agoHerminia
7 months agoMarica
8 months agoAn
8 months agoInes
8 months agoJenise
7 months agoLaurena
8 months agoCharlena
8 months agoLavonda
8 months agoJustine
8 months agoSamira
8 months agoAdelle
8 months ago