As a cybersecurity analyst, you notice an application running on multiple employee workstations that has not been approved by the IT department. What is the most appropriate first step to take in this situation?
Conduct an inventory of the software to understand its scope and potential impact.
Remove the software from the affected workstations.
Notify management and wait for further instructions.
The most appropriate first step in dealing with unauthorized software is to conduct an inventory of the software to understand its scope and potential impact. Removing the software or blocking its access without understanding its purpose could lead to operational disruptions. Notifying management is necessary but should follow the technical assessment.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'conducting an inventory of software' involve?
Open an interactive chat with Bash
Why is removing unauthorized software immediately not the best first step?
Open an interactive chat with Bash
What kind of risks might unauthorized applications pose?