CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

After a security breach, an analyst determines that several endpoints have been compromised with persistent malware. Isolation procedures have been completed, and the decision has been made to re-image the affected systems to a known good state. Prior to the re-imaging process, which of the following steps is MOST important to perform to maintain the integrity of the incident response process?

  • Ensuring a complete backup of the system has been created

  • Immediately disconnecting the affected systems from all networks

  • Re-configuring the endpoint protection on the systems to prevent future infections

  • Deploying patches to all other systems in the network to prevent spread

This question is for objective:
Incident Response and Management
Your Score:
Incident Response and Management
Security Operations
Vulnerability Management
Reporting and Communication