CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

During a routine review, a security analyst observes large data transfers occurring outside of business hours from a high-level executive's account to an unknown external server. The executive usually accesses sensitive financial records during standard business hours. Which of the following actions should the analyst investigate as a priority to determine if this is an incident?

  • Verify if the executive was actually responsible for the transfers

  • Immediately change the executive account's password

  • Check the integrity of backup files for possible corruption

  • Examine the firewall rules for any recent changes

This question is for objective:
Security Operations
Your Score:
Security Operations
Vulnerability Management
Incident Response and Management
Reporting and Communication