CISSP – Information Systems Security Architecture Professional (ISSAP) — Question 56

You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries.
But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution? Each correct answer represents a part of the solution. Choose all that apply.

Answer options

• A. Identification
• B. Eradication
• C. Recovery
• D. Contamination
• E. Preparation

Correct answer: D, C, B

Explanation

The correct phases to address the issue are Contamination, Recovery, and Eradication. Contamination focuses on identifying the exploit, Recovery involves restoring normal operations, and Eradication is about removing the threat. Identification and Preparation, while important, do not directly address the immediate resolution of the email attack issue.