Question: 49
(Choose 1 answer)
In which step of the NIST incident response process does the CSIRT perform an analysis to determine which
networks, systems, or applications are affected; who or what originated the incident; and how the incident is
occurring?
A. incident notification
B. attacker identification
C. scoping
D. detection
