ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
An e-commerce company recently contained and eradicated a malware outbreak that spread laterally across its flat network. During the post-incident lessons-learned meeting, the incident response team recommends several actions. Which proposed activity best exemplifies the "implementing new countermeasures" step of the post-incident phase?
Adjust the incident severity matrix to trigger immediate executive notification for future malware detections.
Deploy internal segmentation firewalls and revise network ACLs to block lateral movement between user and server VLANs.
Update the incident report with a detailed timeline of events and remediation actions taken.
Conduct a tabletop drill to test the updated ransomware playbook with key business stakeholders.
Implementing new countermeasures means adding or enhancing security controls so the same type of incident is less likely to recur. Deploying internal segmentation firewalls and tightening access-control lists directly change the technical environment to block the lateral movement technique the attackers exploited, addressing the root cause discovered during analysis. Updating reports, running tabletop exercises, or revising escalation criteria are important post-incident tasks, but they concern documentation, training, or process refinement, not the actual deployment of preventive or detective safeguards. Therefore, rolling out segmentation firewalls and updated ACLs is the action that aligns with implementing new countermeasures.