CompTIA CySA+ CS0-003 Practice Question

A financial services company has recently suffered from a ransomware attack that has impacted a critical server which is not upgradable to the latest security patches due to legacy software dependencies. The incident response team is considering various options for mitigating the risk of this server being compromised again. Which of the following would be the BEST form of a compensating control given the inability to patch the server?

  • Schedule regular patching for the critical server.

  • Implement network segmentation to isolate the critical server from the broader network.

  • Enforce frequent password rotation for all users with access to the critical server.

  • Produce and store encrypted backups of the server on a bi-weekly basis.

CompTIA CySA+ CS0-003
Incident Response and Management
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot