GIAC Certified Incident Handler (GCIH) — Question 116

You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries.
But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution?
Each correct answer represents a part of the solution. (Choose all that apply.)

Answer options

• A. Eradication
• B. Contamination
• C. Preparation
• D. Recovery
• E. Identification

Correct answer: A, B, D

Explanation

The correct answers are Eradication, Contamination, and Recovery. Eradication focuses on eliminating the threat, Contamination addresses the root cause of the exploitation, and Recovery ensures that the system is restored to normal operations. Preparation and Identification, while important, do not directly resolve the current exploitation issue.