As a cybersecurity analyst, you notice an application running on multiple employee workstations that has not been approved by the IT department. What is the most appropriate first step to take in this situation?
You selected this option
Block the application from accessing the network.
You selected this option
Remove the software from the affected workstations.
You selected this option
Conduct an inventory of the software to understand its scope and potential impact.
You selected this option
Notify management and wait for further instructions.
The most appropriate first step in dealing with unauthorized software is to conduct an inventory of the software to understand its scope and potential impact. Removing the software or blocking its access without understanding its purpose could lead to operational disruptions. Notifying management is necessary but should follow the technical assessment.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean to conduct an inventory of software?
Open an interactive chat with Bash
Why is it important to understand the potential impact of unauthorized software?
Open an interactive chat with Bash
What should be done after gaining an understanding of the unauthorized software?