a. Why is speed of response important? b. Why is accuracy of response important? c. Define incident response in terms of planning. d. Why are rehearsals important? e. What is a walkthrough or table-top exercise? f. Why is a live test better? g. What is the problem with live tests?
a. What is containment? b. Why is disconnection undesirable? c. What is black holing? d. Why may it only be a temporary containment solution? e. Why might a company allow an attacker to continue working in the system for a brief period of time? f. Why is this dangerous? g. Who should make decisions about letting an attack continue or disconnecting an important system?
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here