Question

Which is not part of a incident response preparation phase?

Answer 1

Hey mate, reffer to the attachment :

Hope this answer helps you...!!!

Answer 2

There are six phases in the incident response plan-

1. Preparation

2. Identification

3. Containment

4. Eradication

5. Recovery

6. Lessons learned

For effective incident response, preparation is the basic key. A predefined guidelines should be there for effectively handle an incident. The following should be included:

1. Develop and document IR policies: Create policies and procedures for effective incident response and make agreements.

2. Define guidelines for communication: During communication in the incident create communication guidelines. The communication guidelines should be followed after the communication also.

3. Incorporate threat intelligence feeds: After communication guidelines has been created, start performing ongoing collection, synchronization, and analysis of the threat intelligence feeds.

4. Conduct cyber hunting exercises: to search for the incidents that happen in the surrounding make the threat hunting exercise which enables proactive responses of the incidents.

5. Assess the threat detection capability: Evaluate the detection capability of the current threat and then update the risk assessment and the improvement of the programs.