Based on the IRP, what should be done immediately?

Posted by: Pdfprep Category: DES-9131 Tags: , , Post Date: January 4, 2021

Your firewall blocked several machines on your network from connecting to a malicious IP address. After reviewing the logs, the CSIRT discovers all Microsoft Windows machines on the network have been affected based on a newly published CVE.

Based on the IRP, what should be done immediately?
A . Update the asset inventory
B . Contain the breach
C . Eradicate the breach
D . Revise the IRP

Answer: A

Author

Leave a Reply

Your email address will not be published.