CompTIA CySA+ CS0-003 Practice Question
As a cybersecurity analyst, you notice an application running on multiple employee workstations that has not been approved by the IT department. What is the most appropriate first step to take in this situation?
Notify management and wait for further instructions.
Conduct an inventory of the software to understand its scope and potential impact.
Remove the software from the affected workstations.
Block the application from accessing the network.