CompTIA CySA+ CS0-003 Practice Question

A company has become aware of a potential data breach that may have exposed sensitive customer information. In anticipation of possible litigation, which of the following actions is the BEST to ensure proper preservation of electronic evidence?

Isolate the affected network segment to prevent further unauthorized access and contain the breach.
Take regular system backups to ensure any deleted files can be recovered during the investigation process.
Limit access to the compromised systems exclusively to members of the legal team until the situation is resolved.
Prepare and distribute a legal hold notice to appropriate personnel, and suspend any automated data deletion or overwriting policies.

CompTIA CySA+ CS0-003

Incident Response and Management

Your Score:

SAVE $49

CompTIA Cybersecurity Analyst Voucher (CySA+ CS0-003)

$404.00 $355.00

Bash, the Crucial Exams Chat Bot

AI Bot

CompTIA CySA+ CS0-003 Practice Question

Answer Description

Ask Bash

What is a legal hold notice?

Why is it important to suspend automated data deletion policies during a legal hold?

What are the consequences of not following a legal hold process?

Monthly

$14.99

billed monthly
(cancel any time)

3 Month Pass

$34.99

One time purchase
Does not auto-renew.

Annual Pass

$59.99 $41.99

One time purchase
Does not auto-renew.

Lifetime Pass

$119.99 $83.99

One time purchase
Good for life.

All Exams

Unlimited Tests

Unlimited Questions

AI Tutor

Track scores

Report Cards

Voucher Discounts

Advanced PBQs

Included Exams

CompTIA CySA+ CS0-003 Practice Question

Report Issue

Answer Description

Ask Bash

What is a legal hold notice?

Why is it important to suspend automated data deletion policies during a legal hold?

What are the consequences of not following a legal hold process?

Report Issue