During what stage of incident response is it determined if the source of the incident was internal or external, and how the offe

admin2013-12-19 29

问题 During what stage of incident response is it determined if the source of the incident was internal or external, and how the offender penetrated and gained access to the asset?

选项 A、Analysis
B、Containment
C、Tracking
D、Follow-up

答案C

解析 C正确。应急响应开始于分类。分类过程会对该事故的范围和严重程度进行评估。如果确定某个事故已经真的发生了，那么应急响应团队立刻进入调查阶段。这个阶段包括数据收集，以及对这些数据进行分析、解释、反应和恢复。下一个阶段是遏制。应急响应团队会隔离事故所涉及的系统，为进行全面调查赢得时间。在分析过程中，会收集并分析更多的数据，进而确定事故发生的根本原因。一旦在分析阶段获得了足够多的信息，并能解答足够多的问题，那么我们便能进入跟踪阶段。此时，可确定事故源于内部还是外部、入侵者是如何渗入并访问有价值的资源的。
A不正确。因为在分析阶段，收集数据(审计口志、视频捕捉、人的活动记录、系统活动)是为了试图找出事故发生的根本原因。
B不正确。因为遏制的目的是隔离事故从而避免遭受进一步损失，并且为事故响应团队赢得时间来展开调查。
D不正确。因为跟进或恢复阶段出现在事故被了解之后。跟进或恢复阶段涉及实施必要的修复策略以确保这类事故不会再次发生。这可能需要阻止某些端口、停用某些脆弱的服务或功能、切换到另外一个处理设备或者打上补丁等。这就是所谓的“遵循恢复流程”，因为随意改变环境可能会带来更多问题。恢复流程可能会指明需要安装新映像、备份的数据需要还原、系统需要进行测试、所有的配置要正确设置等。

转载请注明原文地址:https://kaotiyun.com/show/PfhZ777K

CISSP认证

相关试题推荐

随机试题

最新回复(0)

During what stage of incident response is it determined if the source of the incident was internal or external, and how the offe

CISSP认证

Theterme-commercereferstoallcommercialtransactionsconductedovertheInternet,includingtransactionsbyconsumersandb

[A]Meetingdifferentneeds[B]Smallerisbetter[C]Betterproductmakesgreaterquantity[D]Qualityvsquantity[E]Chillyc

About3billionpeoplelivewithin100milesofthesea,anumberthatcoulddoubleinthenextdecadeashumansflocktocoasta

Severaltypesoffinancialriskareencounteredininternationalmarketing;themajorproblemsincludecommercial,political,an

Menandwomendothinkdifferently,atleastwheretheanatomyofthebrainisconcerned,accordingtoanewstudy.Thebrainis

[A]Marketforglasscraftsisgrowing[B]Dependenceofcomputerdevelopmentonglass[C]Behindtheadaptabilityofglass[D]

Itishardtomakemoneypeddlingsocialmediaanywhere.Duringtheirfirstfewyearsinbusiness,FacebookandTwitterlostpo

[A]Enduringproblemssuchaswar,poverty,andviolenceultimatelyspringfromhumannature,whichnotechnologicalinnovation

CigarettesmokingisahealthhazardofsufficientimportanceintheUnitedStatestowarrantappropriateremedialaction.Itwa

Writeanessayof160-200wordsbasedonthefollowingdrawing.Inyouressay,youshould1)describethedrawingbriefly,

下列哪项不是小儿遗尿的常见病因()

下面哪个药物具有手性碳原子，临床上用S(+)-异构体

一般情况，商场与住宅相比，楼层对价格的影响比朝向对价格的影响要大。()

中国保监会派出机构，在(　　)授权范围内行使职权。

为防控个人经营贷款的操作风险，贷款银行原则上不能接受()为抵押物。

Excel学生成绩表如下表所示，若要计算表中每个学生计算机文化和英语课的平均成绩，那么，可通过在D3单元格中填写(3)，并(4)拖动填充柄至D10单元格，则可自动算出这些学生的平均成绩。

下述程序的输出结果是()。#inc1udevoidmain(){inta[20]，*p[4]；inti，k=0；for(i=0；i

A.benefitsB.differentC.eventuallyD.instrumentsE.movingF.multipleG.unsalariedH.numberI.paidJ.restrictK.

thatbadweatherwasontheway,theclimbersdecidedtoputofftheirattemptontheAlpsuntilthefollowingweek.

Onedayapoliceofficermanagedtogetsomefreshmushrooms.Hewasso【C1】whathehadboughtthatheofferedto【C2】

During what stage of incident response is it determined if the source of the incident was internal or external, and how the offe

CISSP认证

Theterme-commercereferstoallcommercialtransactionsconductedovertheInternet,includingtransactionsbyconsumersandb

[A]Meetingdifferentneeds[B]Smallerisbetter[C]Betterproductmakesgreaterquantity[D]Qualityvsquantity[E]Chillyc

About3billionpeoplelivewithin100milesofthesea,anumberthatcoulddoubleinthenextdecadeashumansflocktocoasta

Severaltypesoffinancialriskareencounteredininternationalmarketing;themajorproblemsincludecommercial,political,an

Menandwomendothinkdifferently,atleastwheretheanatomyofthebrainisconcerned,accordingtoanewstudy.Thebrainis

[A]Marketforglasscraftsisgrowing[B]Dependenceofcomputerdevelopmentonglass[C]Behindtheadaptabilityofglass[D]

Itishardtomakemoneypeddlingsocialmediaanywhere.Duringtheirfirstfewyearsinbusiness,FacebookandTwitterlostpo

[A]Enduringproblemssuchaswar,poverty,andviolenceultimatelyspringfromhumannature,whichnotechnologicalinnovation

CigarettesmokingisahealthhazardofsufficientimportanceintheUnitedStatestowarrantappropriateremedialaction.Itwa

Writeanessayof160-200wordsbasedonthefollowingdrawing.Inyouressay,youshould1)describethedrawingbriefly,

下列哪项不是小儿遗尿的常见病因()

下面哪个药物具有手性碳原子，临床上用S(+)-异构体

一般情况，商场与住宅相比，楼层对价格的影响比朝向对价格的影响要大。()

中国保监会派出机构，在( )授权范围内行使职权。

为防控个人经营贷款的操作风险，贷款银行原则上不能接受()为抵押物。

Excel学生成绩表如下表所示，若要计算表中每个学生计算机文化和英语课的平均成绩，那么，可通过在D3单元格中填写(3)，并(4)拖动填充柄至D10单元格，则可自动算出这些学生的平均成绩。

下述程序的输出结果是()。#inc1udevoidmain(){inta[20]，*p[4]；inti，k=0；for(i=0；i

A.benefitsB.differentC.eventuallyD.instrumentsE.movingF.multipleG.unsalariedH.numberI.paidJ.restrictK.

thatbadweatherwasontheway,theclimbersdecidedtoputofftheirattemptontheAlpsuntilthefollowingweek.

Onedayapoliceofficermanagedtogetsomefreshmushrooms.Hewasso【C1】______whathehadboughtthatheofferedto【C2】______

中国保监会派出机构，在(　　)授权范围内行使职权。

Onedayapoliceofficermanagedtogetsomefreshmushrooms.Hewasso【C1】whathehadboughtthatheofferedto【C2】