Answer-first summary for fast verification
Answer: Restore the affected services from backups taken before the incident occurred.
Option A is the most appropriate initial step in recovering the affected services after a security incident. Restoring the services from backups taken before the incident can help ensure the integrity and availability of the services and minimize downtime. While rebuilding the services from scratch (Option B) can be considered if the extent of the compromise is unknown or extensive, it may not be the most efficient approach in all cases. Implementing additional security measures (Option C) and conducting a post-incident review (Option D) are also important steps in the recovery process, but restoring the services from backups should be the first priority to restore normal operations.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your organization has experienced a security incident that has affected its AWS environment. As an AWS Certified Security - Specialty professional, you are tasked with recovering the affected services and restoring normal operations. Describe the steps you would take to recover the services after the incident and ensure the integrity and availability of the affected services.
A
Restore the affected services from backups taken before the incident occurred.
B
Rebuild the affected services from scratch to ensure the removal of any potential malware or compromised components.
C
Implement additional security measures, such as increased monitoring and access controls, to prevent future incidents and ensure the ongoing integrity and availability of the services.
D
Conduct a post-incident review to identify lessons learned and improve the incident response plan and security measures to prevent similar incidents in the future.
No comments yet.