GIAC Security Leadership Certification (GSLC) — Question 47
Notifying system owners, forcing password updates for affected user accounts, and increased monitoring to detect related malicious activity, occur as part of which process?
Answer options
- A. Recovery from an incident
- B. Eradication of an incident
- C. Preparing for an incident
- D. Identification of an incident
Correct answer: C
Explanation
The correct answer is C, as preparing for an incident includes proactive measures like notifying system owners and enforcing password updates. The other options focus on different stages: recovery deals with restoring systems after an incident, eradication involves removing the incident's cause, and identification is about recognizing the incident itself.