Which NIST incident response life cycle phase includes continuous monitoring by the CSIRT to quickly identify and validate an incident?
- detection and analysis
- preparation
- containment, eradication, and recovery
- postincident activities
| Answers Explanation & Hints:
It is in the detection and analysis phase of the NIST incident response life cycle that the CSIRT identifies and validates incidents through continuous monitoring. The NIST defines four stages of the incident response life cycle. |