Which of the following is one of the three steps of remediation?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Study for the SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) Test. Prepare with comprehensive materials, flashcards, and multiple choice questions with hints and explanations. Ace your exam with confidence!

Multiple Choice

Which of the following is one of the three steps of remediation?

Explanation:
Remediation typically unfolds in a planning-then-action-then-validation sequence. The first phase is to posture for remediation: set the scope, gather data, confirm backups and rollback options, secure approvals, and outline a concrete remediation plan. This preparation ensures you know exactly what you’re fixing, how to fix it safely, and how you’ll verify the outcome, reducing the risk of introducing new issues during the fix. So, choosing to posture for remediation aligns with that initial preparation step: getting everything ready and defined before you execute any fixes. Detecting and alerting belongs to discovery/monitoring, not the remediation plan; executing remediation is the actual fix, a separate action step; implementing additional security controls is typically part of hardening that may follow remediation, not the preparatory phase itself.

Remediation typically unfolds in a planning-then-action-then-validation sequence. The first phase is to posture for remediation: set the scope, gather data, confirm backups and rollback options, secure approvals, and outline a concrete remediation plan. This preparation ensures you know exactly what you’re fixing, how to fix it safely, and how you’ll verify the outcome, reducing the risk of introducing new issues during the fix.

So, choosing to posture for remediation aligns with that initial preparation step: getting everything ready and defined before you execute any fixes. Detecting and alerting belongs to discovery/monitoring, not the remediation plan; executing remediation is the actual fix, a separate action step; implementing additional security controls is typically part of hardening that may follow remediation, not the preparatory phase itself.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy