CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

A company has become aware of a potential data breach that may have exposed sensitive customer information. In anticipation of possible litigation, which of the following actions is the BEST to ensure proper preservation of electronic evidence?

  • Take regular system backups to ensure any deleted files can be recovered during the investigation process.

  • Isolate the affected network segment to prevent further unauthorized access and contain the breach.

  • Prepare and distribute a legal hold notice to appropriate personnel, and suspend any automated data deletion or overwriting policies.

  • Limit access to the compromised systems exclusively to members of the legal team until the situation is resolved.

This question is for objective:
Incident Response and Management
Your Score:
Incident Response and Management
Security Operations
Vulnerability Management
Reporting and Communication