Which phase of the incident handling process is responsible for defining rules and creating a backup plan?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Which phase of the incident handling process is responsible for defining rules and creating a backup plan?

Explanation:
Defining rules and creating a backup plan is part of the preparation phase. In preparation, you set up incident response policies, roles, escalation paths, and runbooks, and you establish continuity and disaster recovery plans so you can recover from incidents. The detection phase focuses on identifying incidents, the eradication phase on removing threats, and the recovery phase on restoring systems after containment. With solid preparation, the response activities that follow have predefined rules and a tested backup strategy to rely on.

Defining rules and creating a backup plan is part of the preparation phase. In preparation, you set up incident response policies, roles, escalation paths, and runbooks, and you establish continuity and disaster recovery plans so you can recover from incidents. The detection phase focuses on identifying incidents, the eradication phase on removing threats, and the recovery phase on restoring systems after containment. With solid preparation, the response activities that follow have predefined rules and a tested backup strategy to rely on.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy