New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GSLC Exam - Topic 3 Question 79 Discussion

Actual exam question for GIAC's GSLC exam
Question #: 79
Topic #: 3
[All GSLC Questions]

You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Staci at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium GSLC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Adelina
3 days ago
I'm going with B) Containment too. Can't let that DoS attack run wild, gotta contain it ASAP.
upvoted 0 times
...
Jame
8 days ago
I agree, B) Containment is the way to go. Gotta put out that fire before it burns down the whole house!
upvoted 0 times
...
Ailene
13 days ago
Definitely B) Containment. You need to stop the attack from spreading and causing further damage.
upvoted 0 times
...
Tawna
18 days ago
I thought preparation was more about preventing incidents rather than responding to them. So, it must be containment next, right?
upvoted 0 times
...
Nan
24 days ago
I practiced a similar question where containment was the right answer for a network attack. I feel like that applies here too.
upvoted 0 times
...
Stephane
29 days ago
I'm not entirely sure, but I remember something about recovery being important after an incident. Maybe that's the next step?
upvoted 0 times
...
Jacqueline
1 month ago
I think we should focus on containment first since it's a DoS attack and we need to stop it from affecting more systems.
upvoted 0 times
...
Melita
1 month ago
I agree with the Containment approach. Once we've contained the incident, we can move on to the Recovery phase.
upvoted 0 times
...
Avery
1 month ago
Definitely Containment. We need to isolate the affected systems and block the attack traffic as soon as possible.
upvoted 0 times
...
Roxane
2 months ago
Okay, let's think this through. We need to stop the attack first, so I'm pretty sure Containment is the way to go.
upvoted 0 times
...
Malika
2 months ago
Hmm, I'm a bit unsure here. Is Containment really the right phase, or should we be looking at Recovery instead?
upvoted 0 times
...
Jacinta
2 months ago
I think the next step would be Containment to stop the attack and prevent further damage.
upvoted 0 times
...

Save Cancel