Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Logical Operations Exam CFR-210 Topic 2 Question 27 Discussion

Actual exam question for Logical Operations's CFR-210 exam
Question #: 27
Topic #: 2
[All CFR-210 Questions]

An organization's public information website has been defaced. The incident response team is actively engaged in the following actions:

- Installing patches on the web server

- Turning off unnecessary services on web server

- Adding new ACL rules to the WAF

- Changing all passwords on web server accounts

Which of the following incident response phases is the team MOST likely conducting?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Peggie at May 08, 2022, 05:21 PM

Limited Time Offer

25%

Off

Get Premium CFR-210 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Lemuel
25 days ago
I'm not sure, it could also be the Respond phase. They're actively investigating and taking immediate actions to address the incident.
upvoted 0 times
...
Eileen
29 days ago
Haha, changing all the passwords? That's like locking the barn door after the horse has bolted. But I guess it's better late than never!
upvoted 0 times
Cordelia
3 days ago
B) Recover
upvoted 0 times
...
Amie
13 days ago
A) Respond
upvoted 0 times
...
...
Dominic
1 months ago
I agree, Contain is the correct answer. They're trying to stop the bleeding and prevent the situation from getting worse.
upvoted 0 times
Margurite
1 days ago
A) Respond
upvoted 0 times
...
...
Louisa
1 months ago
The team is definitely in the Contain phase. Patching, disabling services, and adding new ACL rules are all actions to limit the damage and prevent further compromise.
upvoted 0 times
Catarina
18 days ago
C) Contain
upvoted 0 times
...
Melina
21 days ago
B) Recover
upvoted 0 times
...
Nu
1 months ago
A) Respond
upvoted 0 times
...
...
Silvana
2 months ago
But they are also adding new ACL rules to the WAF, which sounds like they are containing the incident.
upvoted 0 times
...
Loreta
2 months ago
I agree with Celestina, they are installing patches and changing passwords to respond to the incident.
upvoted 0 times
...
Celestina
2 months ago
I think the team is in the Respond phase.
upvoted 0 times
...

Save Cancel