A company is applying the NIST.SP800-61 r2 incident handling process to security events. What are two examples of incidents that are in the category of precursor? (Choose two.)

  • an IDS alert message being sent
  • multiple failed logins from an unknown source
  • log entries that show a response to a port scan
  • a host that has been verified as infected with malware
  • a newly-discovered vulnerability in Apache web servers

Explanation & Hint:

As an incident category, the precursor is a sign that an incident might occur in the future. Examples of precursors are log entries that show a response to a port scan or a newly-discovered vulnerability in web servers using Apache.

For more Questions and Answers:

CyberOps Associate (200-201) Certification Practice Exam Answers Full 100%