A security breach has happened at a major corporation. The incident team has responded and executed their incident response plan. During which phase are lessons learned applied?Select one:analyzecontainmentrecoverypreparationpost-incidentdetection

Which phase of an incident response playbook is primarily concerned with preventing further damage and reducing the immediate impact of a security incident?1 pointDetection and analysisPost-incident activityContainmentPreparation

A security analyst documents procedures to be followed in the event of a security breach. They also establish staffing plans and educate employees. What phase of an incident response playbook does this scenario describe? 1 pointPreparationEradication and recoveryDetection and analysisCoordination

Question 7A security analyst wants to set the foundation for successful incident response. They outline roles and responsibilities of each security team member. What phase of an incident response playbook does this scenario describe? 1 pointPreparationContainmentDetection and analysisPost-incident activit

Fill in the blank: During the _____ phase, security teams may conduct a full-scale analysis to determine the root cause of an incident and use what they learn to improve the company’s overall security posture.1 pointeradication and recoverydetection and analysispost-incident activitycontainment

Question 3In which incident response playbook phase would a security team document an incident to ensure that their organization is better prepared to handle future security events?1 pointContainmentPost-incident activityEradication and recoveryCoordination