New Release: Earn Rewards by referring new users! You can earn rewards redeemable for discounts on Vouchers and Memberships!

Free CompTIA CySA+ CS0-003 Practice Question

After a security breach was identified in a company's financial system, a cybersecurity analyst has been tasked with conducting a forensic analysis of the compromised server. Which of the following actions is the MOST important initial step the analyst should take to ensure the integrity of the forensic investigation?

  • Utilize write blockers when making a forensic copy of the storage media.

  • Reboot the server to analyze its behavior during startup for potential anomalies.

  • Immediately disconnect the server from the network to prevent further access.

  • Begin analyzing the most recently modified files for evidence of the intrusion.

This question's topic:
CompTIA CySA+ CS0-003 / 
Incident Response and Management
Your Score:

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Study for free by referring new users! Hide these
SAVE $49
CompTIA Cybersecurity Analyst Voucher (CySA+ CS0-003)
$404.00 $355.00