Certified Network Defender (CND) — Question 37

Which of the following incident handling stage removes the root cause of the incident?

Answer options

• A. Eradication
• B. Recovery
• C. Detection
• D. Containment

Correct answer: A

Explanation

The correct answer is A. Eradication focuses on removing the root cause of the incident to prevent recurrence. Recovery is about restoring systems to normal operation, Detection involves identifying incidents, and Containment aims to limit the impact of the incident, but none of these specifically address eliminating the root cause.