ExpertMedium1 markMultiple Choice
CPA · Question 59 · Area II: Security
In Incident Response, what is the primary goal of the 'Containment' phase?
In Incident Response, what is the primary goal of the 'Containment' phase?
Answer options:
A.
To determine who caused the attack.
B.
To restore systems to normal operation.
C.
To limit the damage and prevent the incident from spreading.
D.
To update the incident response plan.
How to approach this question
Containment = Quarantine.
Full Answer
C.To limit the damage and prevent the incident from spreading.✓ Correct
Containment involves isolating affected systems (e.g., disconnecting from network) to prevent the attack from spreading to other parts of the environment.
Common mistakes
Confusing Containment with Eradication (removing the threat) or Recovery (restoring service).
Practice the full CPA ISC Practice Exam 5
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll processing application to its user entities...MediumQ02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...HardQ03A financial institution requires a cloud deployment model that offers the highest level of contro...MediumQ04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...MediumQ05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy