An analyst has prepared several possible solutions to a successful attack on the company. The solutions need to be implemented with the least amount of downtime. Which of the following should the analyst perform?
Correct Answer: C
To minimize downtime, testing should occur in a virtual lab, not production. The best approach is to test solutions methodically: implement one solution at a time, run an attack simulation, collect metrics, roll back, and repeat. This isolates each solution's effectiveness, ensuring accurate metrics for decision-making without production impact.
Option A: Testing all solutions simultaneously muddies the results-metrics won't show which solution worked.
Option B: Collecting metrics before the simulation misses the point of testing against the attack.
Option C: Correct-tests each solution independently with simulation and metrics, minimizing downtime via virtual lab use.
Option D: Like A, combining solutions obscures individual effectiveness.