Gathering Information for Security Incident Analysis | Cisco Exam 200-201-CBROPS

Question

Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?

Answers

Explanations

A. B. C. D.

A.

The principle being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action is "due diligence." Due diligence is a standard of care that a reasonable person would take under the same circumstances to prevent harm or loss to another person or entity.

In cybersecurity, due diligence means that analysts should take reasonable and appropriate measures to gather all available information about a security incident to determine the appropriate course of action. This includes identifying the scope of the incident, the systems and data affected, the potential impact, and the actors involved.

By following the principle of due diligence, analysts can make informed decisions about the appropriate course of action to take in response to a security incident. This could include containing the incident, mitigating the impact, and preventing future incidents.

It is important to note that due diligence is an ongoing process and not a one-time activity. Analysts must continuously monitor the security environment and take proactive steps to prevent security incidents from occurring in the first place.