Eve is an incident handler in ABC organization. One day, she got a complaint about an email hacking incident from one of the employees of the organization. As a part of incident handling and response process, she must follow a number of recovery steps in order to recover from the incident impact and maintain business continuity.
What is the first step that she must do to secure the employee's account?

Alexis works as an incident responder at XYZ organization. She was asked to identify and attribute the actors behind an attack that occurred recently. For this purpose, she is performing a type of threat attribution that deals with the identification of a specific person, society, or country sponsoring a well-planned and executed intrusion or attack on its target.
Which of the following types of threat attributions is Alexis performing?

Marley was asked by his incident handing and response (IH&R) team lead to collect volatile data such as system information and network information present in the registries, cache, and RAM of victim's system.
Identify the data acquisition method Marley must employ to collect volatile data.

Which of the following is a common tool used to help detect malicious internal or compromised actors?

Francis received a spoof email asking for his bank information. He decided to use a tool to analyze the email headers.
Which of the following should he use?