第 6 个问题A security analyst gets an alert involving a phishing attempt. Which step of the triage process does this scenario outline?1 分Assign priorityCollect and analyzeAdd contextReceive and assess

A security analyst in a security operations center (SOC) receives an alert. The alert ticket describes the detection of the download of a possible malware file on an employee's computer. Which step of the triage process does this scenario describe? 1 分Receive and assessAdd contextCollect and analyzeAssign priority

Which action can a security analyst take when they are assessing a SIEM alert?1 pointAnalyze log data and related metricsIsolate an infected network systemRestore the affected data with a clean backupCreate a final report

Question 8A security professional receives an alert about an unknown user accessing a system within their organization. They attempt to identify, analyze, and preserve the associated criminal evidence. What security task does this scenario describe?1 pointResolving error messagesProgramming with codeComputer forensicsSoftware upgrades

In the NIST Incident Response Lifecycle, what is the term used to describe the prompt discovery of security events?1 分ValidationDetection PreparationInvestigation

An organization's computer incident response team (CIRT) receives an alert that shows possible malicious activity on a critical server within the network, and they initiate the CompTIA incident response process.The team follows the incident response lifecycle to address the situation, which involves several key steps.What order must the CIRT follow when performing the CompTIA incident response process?answerDetection, analysis, containment, eradication, recoveryIsolation, analysis, restoration, eradication, improvementPreparation, analysis, isolation, containment, recoveryDetection, analysis, eradication, restoration, improvement