Q: 8
SCENARIO: Critical servers show signs of erratic behavior within your organization’s intranet. Initial
information indicates the systems are under attack from an outside entity. As the Chief Information
Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the
details of this incident and take action according to the information available to the team.
During initial investigation, the team suspects criminal activity but cannot initially prove or disprove
illegal actions. What is the MOST critical aspect of the team’s activities?
Options
Discussion
No comments yet. Be the first to comment.
Be respectful. No spam.
