Volgvan
3 years ago
14

An organization's IRP prioritizes containment over eradication. An incident has been discovered where an attacker outside of the organization has installed crypto-currency mining software on the organization's web servers. Given the organization's stated priorities, which of the following would be the NEXT step?
a. Remove the affected servers from the network.
b. Review firewall and IDS logs to identify possible source IPs.
c. Identify and apply any missing operating system and software patches.
d. Delete the malicious software and determine if the servers must be reimaged.
Computers and Technology
1 answer:
djyliett [7] 3 years ago
5 0

Answer:

a. Remove the affected servers from the network.

Explanation:

An organization's incident response process (IRP) can be defined as all of the processes involved in the cleanup and recovery of data when they fall victim to an attack or cybersecurity breach. The incident response process comprises six (6) important stages, and these are:

1. Preparation.

2. Detection and analysis (identification).

3. Containment.

4. Eradication.

5. Recovery.

6. Review of incident activities.

Here, the organization's IRP prioritizes containment over eradication, and an incident is discovered in which an attacker outside the organization installed crypto-currency mining software on the organization's web servers. Given the organization's stated priorities, the cybersecurity engineer should remove the affected servers from the network.

A containment process is focused on taking steps to eliminate or contain the attack. It basically involves acting swiftly in response to the attack, so as to prevent it from spreading across the board or in order to mitigate the damage already caused.

In this context, the cybersecurity engineer should remove the affected servers from the network in accordance with the organization's IRP priority (containment).

Furthermore, he could take a step further to contain the attack by installing a firewall and updating their policies in the Intrusion Prevention System (IPS) of the organization.
