CISM Incident Management • Set 5
CISM Incident Management Practice Test 5 — 15 questions with explanations. Free, no signup.
An organization has experienced a ransomware attack that encrypted critical servers. The incident has been classified as P1. Which of the following is the FIRST action the incident response team should take according to the IR plan?