Which Security Control Objective describes actions taken during an incident?

Multiple Choice

Which Security Control Objective describes actions taken during an incident?

Explanation:
During an incident, the focus is on responding to contain, mitigate, and coordinate actions as the event unfolds. This set of actions is described as responsive—the active steps taken in real time to limit damage, preserve evidence, and keep operations as functional as possible while the incident is ongoing. In incident response, you move through stages like detection and analysis, containment, eradication, and recovery; the work in containment and mitigation is what you’re doing in the moment, hence the responsive label.

For example, actions such as isolating affected systems, blocking malicious traffic, and activating the incident response runbook are responsive efforts.

Preventive controls aim to stop incidents from happening in the first place, detective controls focus on identifying that an incident has occurred, and corrective controls aim to restore systems after the incident has been resolved. Since the emphasis is on actions taken during the incident itself, responsive is the best fit.