Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

CompTIA Exam SY0-601 Topic 5 Question 82 Discussion

Actual exam question for CompTIA's SY0-601 exam

Question #: 82
Topic #: 5

[All SY0-601 Questions]

An organization has hired a red team to simulate attacks on its security pos-ture, which Of following will the blue team do after detecting an IOC?

AReimage the impacted workstations.

BActivate runbooks for incident response.

CConduct forensics on the compromised system,

DConduct passive reconnaissance to gather information

Show Suggested Answer

Suggested Answer: B

A runbook is a set of predefined procedures and steps that guide an incident response team through the process of handling a security incident.It can help the blue team respond quickly and effectively to an indicator of compromise (IOC) by following the best practices and predefined actions for containment, eradication, recovery and lessons learned.

by Vincent at May 18, 2024, 06:39 AM

Limited Time Offer

25%

Off

Get Premium SY0-601 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!