Which of the following is a goal of the eradication phase?

The eradication phase in an incident response process focuses specifically on removing the root cause of an incident that has affected an organization's systems or data. This is crucial because simply resolving the symptoms of an incident without addressing its cause can lead to recurring issues and vulnerabilities. Effective eradication ensures that the threat is fully eliminated, reducing the chances of similar incidents happening in the future.

In the context of incident response, determining the impact of the incident and submitting a report to management are essential activities, but they typically occur in the assessment and reporting phases rather than eradication. Training staff on incident handling is important for preparedness and future prevention, but it is distinct from the immediate goal of addressing and removing the causative factors of an incident during the eradication phase. Thus, the primary focus during eradication is to ensure that the systems are secure, and any exploitative element that triggered the incident is completely addressed.