Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam SY0-601 Topic 5 Question 87 Discussion

Actual exam question for CompTIA's SY0-601 exam
Question #: 87
Topic #: 5
[All SY0-601 Questions]

An organization has hired a red team to simulate attacks on its security pos-ture, which Of following will the blue team do after detecting an IOC?

Show Suggested Answer Hide Answer
Suggested Answer: B

A runbook is a set of predefined procedures and steps that guide an incident response team through the process of handling a security incident.It can help the blue team respond quickly and effectively to an indicator of compromise (IOC) by following the best practices and predefined actions for containment, eradication, recovery and lessons learned.


by Alex at Jul 15, 2024, 03:59 AM

Limited Time Offer

25%

Off

Get Premium SY0-601 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Curt
15 days ago
Reimaging the impacted workstations could also be a good option to ensure the security of the network.
upvoted 0 times
...
Hermila
16 days ago
I believe they might also activate runbooks for incident response to contain the attack.
upvoted 0 times
...
Maryln
16 days ago
Hey, at least they hired a red team. Keeps the blue team on their toes, you know?
upvoted 0 times
Helga
4 days ago
A) Reimage the impacted workstations.
upvoted 0 times
...
...
Alethea
17 days ago
I agree with Daniela, conducting forensics is crucial to understand the extent of the compromise.
upvoted 0 times
...
Daniela
18 days ago
I think the blue team will conduct forensics on the compromised system.
upvoted 0 times
...
Marcelle
19 days ago
A) Reimage the impacted workstations. Fresh start, clean slate, what could go wrong?
upvoted 0 times
...
Penney
22 days ago
D) Conduct passive reconnaissance to gather information. Sneaky, but it might just give us the edge we need.
upvoted 0 times
...
Charlie
23 days ago
B) Activate runbooks for incident response. Standard operating procedure, can't go wrong with that.
upvoted 0 times
Lashaun
22 hours ago
A) Reimage the impacted workstations.
upvoted 0 times
...
...
Billye
27 days ago
C) Conduct forensics on the compromised system. Gotta get to the bottom of this breach!
upvoted 0 times
Lemuel
8 days ago
A) Reimage the impacted workstations.
upvoted 0 times
...
...

Save Cancel