New Release: Earn Rewards by referring new users! You can earn rewards redeemable for discounts on Vouchers and Memberships!

Free CompTIA CySA+ CS0-003 Practice Question

An organization has detected a breach that resulted in unauthorized access to its customer database. Despite efforts to isolate the infected systems, the threat actor maintains persistence in the environment. Which of the following actions would be the MOST effective next step in the recovery process?

  • Apply patches to the infected systems to close the vulnerabilities exploited by the threat actor.

  • Disconnect the infected systems from the network and perform a basic clean-up using antivirus software.

  • Re-image the infected systems to a known good state before reintegrating them back into the network environment.

  • Increase network monitoring to catch further malicious activities by the threat actor.

This question's topic:
CompTIA CySA+ CS0-003 / 
Incident Response and Management
Your Score:

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Study for free by referring new users! Hide these
SAVE $49
CompTIA Cybersecurity Analyst Voucher (CySA+ CS0-003)
$404.00 $355.00