1answer.
Ask question
Login Signup
Ask question
All categories
  • English
  • Mathematics
  • Social Studies
  • Business
  • History
  • Health
  • Geography
  • Biology
  • Physics
  • Chemistry
  • Computers and Technology
  • Arts
  • World Languages
  • Spanish
  • French
  • German
  • Advanced Placement (AP)
  • SAT
  • Medicine
  • Law
  • Engineering
Volgvan
3 years ago
14

An organization's IRP prioritizes containment over eradication. An incident has been discovered where an attacker outside of the

organization has installed crypto-currency mining software on the organization's web servers. Given the organization's stated priorities, which of the following would be the NEXT step?
a. Remove the affected servers from the network.
b. Review firewall and IDS logs to identify possible source IPs.
c. Identify and apply any missing operating system and software patches
d. Delete the malicious software and determine if the servers must be reimaged
Computers and Technology
1 answer:
djyliett [7]3 years ago
5 0

Answer:

a. Remove the affected servers from the network.

Explanation:

An organization's incident response process (IRP) can be defined as all of the process involved in the cleanup and recovery of data when they fall victim to an attack or cybersecurity breach. The incident response process comprises of six (6) important stages and these are;

1. Preparation.

2. Detection and analysis (identification).

3. Containment.

4. Eradication.

5. Recovery.

6. Review of incident activities.

When an organization's IRP prioritizes containment over eradication and an incident is discovered, where an attacker outside the organization installed a crypto-currency mining software on the organization's web servers. Given the organization's stated priorities, the cybersecurity engineer should remove the affected servers from the network.

A containment process is focused on taking steps to eliminate or contain the attack. It basically involves acting swiftly in response to the attack, so as to prevent it from spreading across board or in order to mitigate the damage already caused.

In this context, the cybersecurity engineer should remove the affected servers from the network in accordance with the organization's IRP priority (containment).

<em>Furthermore, he could take a step further to contain the attack by installing a firewall and updating their policies in the Intrusion Prevention System (IPS) of the organization. </em>

You might be interested in
(25 POINTS)Which statement best reflects the importance of following safety guidelines?
jeyben [28]

Answer:

I think, Every year, thousands of people die as a result of workplace injuries.

6 0
3 years ago
Read 2 more answers
What year did polaroid introduce one-step photography with the SX-70
blagie [28]

Answer:

I first saw the Polaroid SX-70—the one-step instant camera introduced in 1972 by the company's co-founder, Dr.

Explanation:

5 0
2 years ago
Ten output devices you know
jasenka [17]
Monitor
Printer
Headphones
Computer Speakers
Projector
GPS
Sound Card
Video Card
Braille Reader
Speech-Generating Device

6 0
3 years ago
A network technician is asked to redesign an Ethernet network before some new monitoring software is added to each workstation o
mina [271]

Answer: network administrator

Explanation:

8 0
3 years ago
Arrange the code so that the numbers are swapped.
Ahat [919]
Rand.int(your_num , your_num
5 0
2 years ago
Other questions:
  • SELECT vendor_name, COUNT(*) AS number_of_invoices, MAX(invoice_total - payment_total - credit_total) AS balance_due FROM vendor
    15·1 answer
  • Consider the pseudo-cpu discussed in class. the instruction format is 16 bits, which is subdivided into 4-bit opcode field and 1
    14·1 answer
  • You can use this type of program to create a new raster image
    9·1 answer
  • Rob creates a Course_Details table that has four columns: Course _ID, Course_Name, Semester and Credits. A course may have 0.5 c
    6·2 answers
  • Part 1: For this assignment, call it assign0 Implement the following library and driver program under assign0: Your library will
    5·1 answer
  • which of these tools stick to the edge of an image, thus making it easy to select the shape of an image
    6·1 answer
  • Which statement best defines the Control Pannel?
    12·1 answer
  • Demons I shall be your eternal nightmare
    13·1 answer
  • What will be the output, if any, when the user clicks the right mouse button?
    5·1 answer
  • Write code to define a function named mymath. The function has three arguments in the following order: Boolean, Integer, and Int
    11·1 answer
Add answer
Login
Not registered? Fast signup
Signup
Login Signup
Ask question!