Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 269
A group of company-owned endpoints were infected by ransomware via phishing email. Which two stakeholders must be involved in the containment phase? (Choose two.)
Answer options
- A. Technical Director
- B. Chief Information Security Officer
- C. Owners of the infected endpoints
- D. Incident Response Team Engineers
- E. Chief Physical Security Officer
Correct answer: B, D
Explanation
The Chief Information Security Officer (CISO) plays a crucial role in overseeing the security response and strategy, while the Incident Response Team Engineers are essential for executing the containment and eradication of the ransomware. The other options, while important, do not directly contribute to the immediate containment efforts needed in this scenario.