CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

An organization's IT department has noticed an unusual increase in outbound network traffic and several user accounts originating from a single IP address. Which of the following would be the MOST appropriate action to perform FIRST in order to begin the incident response process?

  • Immediately isolate the affected systems from the network to prevent further unauthorized access

  • Gather all relevant logs and artifacts related to the abnormal activity and ensure they are securely stored

  • Contact law enforcement to report an ongoing cyberattack and seek guidance

  • Shut down the organization's internet connection to stop the outflow of data

This question is for objective:
Incident Response and Management
Your Score:
Incident Response and Management
Security Operations
Vulnerability Management
Reporting and Communication