GIAC Certified Incident Handler: GCIH Exam
- GCIH Questions & Answers
- Exam Code: GCIH
- Exam Name: GIAC Certified Incident Handler
- Q & A: 328 Q&As
QUESTION NO: 1
Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the members of the incident response team. As a demo project he asked members of the
incident response team to perform the following actions:
Remove the network cable wires.
Isolate the system on a separate VLAN
Use a firewall or access lists to prevent communication into or out of the system.
Change DNS entries to direct traffic away from compromised system
Which of the following steps of the incident handling process includes the above actions?
A. Identification
B. Containment
C. Eradication
D. Recovery
Answer: B