Last Updated on November 16, 2023 by InfraExam
The incident response phases can be grouped into detect, respond, and recover. Which of the following is not considered a step in any of these three phases?
- lessons learned
|Explanation & Hint:
Retaliation is not considered a step in any of the three primary incident response phases (detect, respond, and recover) in a standard incident response framework.
Retaliation, in the context of incident response, is not an appropriate action. Instead, the focus should be on containment, eradication, and recovery to minimize the impact of the incident and prevent future occurrences. Retaliation or offensive actions are typically not recommended and can lead to legal and ethical issues.