What is the purpose of a security policy?
A security policy outlines an organization’s rules and procedures for protecting its digital assets.
What is the first phase of the incident response lifecycle?
Preparation involves developing plans, training staff, and putting tools in place before an incident occurs.
Why is incident detection important?
Timely detection allows organizations to quickly contain and mitigate damage from security breaches.
What is a honeypot in cybersecurity?
A honeypot is a decoy system used to lure attackers and analyze their techniques.
Why is containment a key step in incident response?
Containment helps prevent the spread of an attack to other parts of the network.
What should be done after an incident is resolved?
The lessons learned phase involves reviewing the incident to improve future response and prevention.
Loading Questions...
What is an Intrusion Detection System (IDS)?
An IDS monitors network traffic for suspicious activity and potential threats.
What is the goal of the eradication phase?
Eradication removes the cause of the incident and ensures it does not recur.
Why are incident response plans tested regularly?
Testing helps identify gaps and improve the effectiveness of the response plan before an actual event occurs.