New Release: Earn Rewards by referring new users! You can earn rewards redeemable for discounts on Vouchers and Memberships!

Free CompTIA CySA+ CS0-003 Practice Question

After a security breach, an analyst determines that several endpoints have been compromised with persistent malware. Isolation procedures have been completed, and the decision has been made to re-image the affected systems to a known good state. Prior to the re-imaging process, which of the following steps is MOST important to perform to maintain the integrity of the incident response process?

  • Re-configuring the endpoint protection on the systems to prevent future infections

  • Deploying patches to all other systems in the network to prevent spread

  • Ensuring a complete backup of the system has been created

  • Immediately disconnecting the affected systems from all networks

This question's topic:
CompTIA CySA+ CS0-003 / 
Incident Response and Management
Your Score:

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Study for free by referring new users! Hide these
SAVE $49
CompTIA Cybersecurity Analyst Voucher (CySA+ CS0-003)
$404.00 $355.00