CertNexus Certified Cyber Secure Coder (CSC) — Question 29

During an incident, the following actions have been taken:
- Executing the malware in a sandbox environment
- Reverse engineering the malware
- Conducting a behavior analysis
Based on the steps presented, which of the following incident handling processes has been taken?

Answer options

• A. Containment
• B. Eradication
• C. Recovery
• D. Identification

Correct answer: A

Explanation

The correct answer is A, Containment, as the actions taken focus on isolating and analyzing the malware to prevent further damage. The other options are incorrect because Eradication pertains to removing the threat, Recovery involves restoring systems, and Identification relates to detecting the incident initially.