![]() In an Azure environment, you can also use the Update Compliance tool to monitor your device's Windows updates, Windows Defender anti-virus status, and the up to date patching status across all of your Windows 10 workstations. D.During the post-incident activity phase, the organization conducts after-action reports, creates lessons learned, and conducts follow-up actions to better prevent another incident from occurring.ĭ.Use SCCM to validate patch status for each machine on the domain Explanation OBJ-3: The Microsoft System Center Configuration Manager (SCCM) provides remote control, patch management, software distribution, operating system deployment, network access protection, and hardware and software inventory. ![]() B.During the detection and analysis phase, an organization focuses on monitoring and detecting any possible malicious events or attacks. A.During the preparation phase, the incident response team conducts training, prepares their incident response kits, and researches threats and intelligence. Restoration and recovery are often prioritized over analysis by business operations personnel, but taking time to create a forensic image is crucial to preserve the evidence for further analysis and investigation. They must preserve forensic and incident information for future needs, to prevent future attacks, or to bring up an attacker on criminal charges. C.Containment, eradication, and recovery Explanation OBJ-3: A cybersecurity analyst must preserve evidence during the containment, eradication, and recovery phase.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |