Homework Help: Questions and Answers: During which of the following incident-handling processes would the assistance of NIST Special Publication 800-61 be invaluable?
A. Application
B. Analysis
C. All of these processes
D. Collection
Answer:
First, let’s understand what NIST Special Publication 800-61 is:
- NIST SP 800-61 is the “Computer Security Incident Handling Guide” published by the National Institute of Standards and Technology.
- It provides guidelines for incident handling, particularly for analyzing incident-related data and determining the appropriate response to each incident.
Given Options: Step by Step Answering
a) Application
- This could refer to applying or implementing measures, but it’s vague and not specifically mentioned in incident-handling stages.
b) Analysis
- This phase includes examining data to understand the incident, a core focus of NIST SP 800-61.
c) All of these processes
- This option suggests that the guide is useful in all aspects of incident handling.
d) Collection
- While incident handlers may collect evidence or logs during analysis, “Collection” is not a major phase on its own in NIST’s incident-handling model. It could be part of analysis.
Final Answer:
Based on the above analysis, the correct answer is:
C. All of these processes
The NIST 800-61 guidelines apply to all phases of incident handling, from preparation to recovery, including analysis and evidence collection. Each of these processes is critical for managing incidents effectively and improving organizational security responses.
Learn More: Homework Help