As a cybersecurity analyst, you notice an application running on multiple employee workstations that has not been approved by the IT department. What is the most appropriate first step to take in this situation?
Block the application from accessing the network.
Remove the software from the affected workstations.
Conduct an inventory of the software to understand its scope and potential impact.
Notify management and wait for further instructions.
The most appropriate first step in dealing with unauthorized software is to conduct an inventory of the software to understand its scope and potential impact. Removing the software or blocking its access without understanding its purpose could lead to operational disruptions. Notifying management is necessary but should follow the technical assessment.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean to conduct an inventory of software?
Open an interactive chat with Bash
Why is it important to understand the potential impact of unauthorized software?
Open an interactive chat with Bash
What should be done after gaining an understanding of the unauthorized software?