Register
5:00
Stop
CISSP - Security Incident Response and Recovery - Incident Response Team
Intermediate
1/5
An organization faced a security incident where unauthorized access was identified on their server. As a member of the Incident Response Team, you'll preserve as much evidence as possible. What should be your first step?
a.
Update the security protocols on the server immediately.
b.
Create forensically sound copies of the affected systems.
c.
Attempt to communicate with the attacker.
d.
Immediately shut down the affected systems.
Intermediate