An employees device was missing for 96 hours before being re

An employees device was missing for 96 hours before being re - CompTIA CAS-005

Question

An employee's device was missing for 96 hours before being reported. The employee called the help desk to ask for another device. Which of the following phases of the incident response cycle needs improvement?

Answers

Containment
correct

Preparation
Resolution
Investigation

Explanation

The correct answer is: B. Preparation

The Preparation phase of the incident response cycle involves implementing policies, procedures, and training to ensure that employees and systems are ready to respond to incidents effectively. In this scenario, the delay of 96 hours before reporting the missing device indicates a lack of clear reporting procedures, insufficient training, or inadequate awareness of security protocols.

To improve the preparation phase:

Train employees on the importance of reporting lost or stolen devices immediately.
Establish clear policies for reporting security incidents.
Ensure employees understand the potential risks of delayed reporting, such as data breaches or unauthorized access.

Why the other options are incorrect:

Containment:

Incorrect: Containment involves stopping the spread of an incident once it is identified. The issue here occurred before the incident was reported, indicating that preparation, not containment, is the problem.

Resolution:

Incorrect: Resolution refers to resolving the incident and restoring normal operations. The problem lies in the delay of reporting, which occurs before resolution activities.

Investigation:

Incorrect: Investigation involves determining the root cause and impact of the incident after it has been reported. The delay in reporting suggests a failure in preparation, not the investigation phase.

View Full Course Content Try our Free Questions

No Payment Cards Needed

CompTIA SecurityX CAS-005 exam

Normally $60

$45/month

Subjects Included

CompTIA SecurityX CAS-005

Additional Features

Over 300 Practice Questions with Answers
Quizzes in every Lesson Provided
Detailed Analysis of Questions with Answers and Explanations
Detailed Notes with Chapters, Topics & Lessons
24/7 Live chat support
24/7 WhatsApp support
One Full Month Access

Get Started

View Other Pricing Plans

CompTIA Prep

CompTIA Cloud+ CV0-004

Start Course Prep

CompTIA Prep

CompTIA Server+ SK0-005

Start Course Prep

Easy way to pass your test within a week with prepsaret

You don’t need one month to study and pass your test.
With Prepsaret, it takes you a few days to grasp all the concepts needed to pass your exams

View Courses Offered