Which component is primarily responsible for isolating affected systems to prevent the spread of an incident?

Prepare for the Custodian Engineer Test. Study with flashcards and multiple choice questions, each with hints and explanations. Get ready to ace your exam!

Multiple Choice

Which component is primarily responsible for isolating affected systems to prevent the spread of an incident?

Explanation:
Containment is the component focused on isolating affected systems to prevent the incident from spreading. By temporarily disconnecting compromised devices, blocking certain network paths, or segmenting parts of the network, containment limits lateral movement and buys time to assess scope and implement a fix. Detection identifies that something is wrong but doesn’t stop spread on its own. Eradication removes the root cause after containment to eliminate the threat, and recovery restores services once containment and eradication are complete.

