An IDS failed to detect an event. Which of the following should you determine next?

Study for the CompTIA Cloud+ exam. Enhance your skills with flashcards and multiple choice questions, each supported by hints and explanations. Prepare effectively for your certification!

Multiple Choice

An IDS failed to detect an event. Which of the following should you determine next?

Explanation:
When an IDS misses an event, the immediate priority is to understand how widespread the impact is. Determining the blast radius reveals which assets, networks, and data were affected and how far the attacker could have moved. This insight guides containment actions (which systems to isolate or power down), helps you prioritize recovery, and informs what evidence to collect for forensic analysis. The incident timeline and the origin of the event are still important for reconstruction and remediation, but without first knowing the scope of impact you can’t effectively contain or recover. Adjusting alert thresholds would help prevent future misses, but it doesn’t address what’s already happened.

