Free CompTIA Cloud+ CV0-003 Practice Question
In incident response planning, why is it important to distinguish between an 'incident' and an 'event'?
It aids in configuring intrusion prevention systems to automatically block events that are categorized as incidents.
To determine whether user privileges require escalation during a high-severity security event.
It is essential for prioritizing and allocating appropriate resources for potential security threats and impacts versus normal network operations.
To enable the use of forensic tools that can exclusively analyze incidents rather than regular events.
This question's topic:
CompTIA Cloud+ CV0-003 /
Security
SAVE $45