Question

a small company recently discovered malware on its servers. the company spent a considerable amount of time and money to clean the servers and remove the malware. the company wants to institute new policies to prevent future attacks. which phase of incident response is the company implementing?

Answer 1

The company is in the Post-Incident Activity phase of incident response, where it learns from the incident and improves future security measures.

Step-by-step explanation:

The phase of incident response a company is implementing when it institutes new policies to prevent future malware attacks, after having cleaned malware from its servers, is known as the Post-Incident Activity phase. This phase is crucial as it involves learning from the incident and building strategies to improve future security measures. It is typically the last phase in the incident response process, following the preparation, detection and analysis, containment, eradication, and recovery phases.