Volgvan
3 years ago
14

An organization's IRP prioritizes containment over eradication. An incident has been discovered where an attacker outside of the organization has installed crypto-currency mining software on the organization's web servers. Given the organization's stated priorities, which of the following would be the NEXT step?
a. Remove the affected servers from the network.
b. Review firewall and IDS logs to identify possible source IPs.
c. Identify and apply any missing operating system and software patches.
d. Delete the malicious software and determine if the servers must be reimaged.
Computers and Technology
1 answer:
djyliett [7]3 years ago
5 0

Answer:

a. Remove the affected servers from the network.

Explanation:

An organization's incident response process (IRP) can be defined as all of the processes involved in the cleanup and recovery of data when they fall victim to an attack or cybersecurity breach. The incident response process comprises six (6) important stages, and these are:

1. Preparation.

2. Detection and analysis (identification).

3. Containment.

4. Eradication.

5. Recovery.

6. Review of incident activities.

When an organization's IRP prioritizes containment over eradication and an incident is discovered where an attacker outside the organization installed crypto-currency mining software on the organization's web servers, then, given the organization's stated priorities, the cybersecurity engineer should remove the affected servers from the network.

A containment process is focused on taking steps to eliminate or contain the attack. It basically involves acting swiftly in response to the attack, so as to prevent it from spreading across the board or in order to mitigate the damage already caused.

In this context, the cybersecurity engineer should remove the affected servers from the network in accordance with the organization's IRP priority (containment).

Furthermore, he could take a step further to contain the attack by installing a firewall and updating their policies in the Intrusion Prevention System (IPS) of the organization.
