CompTIA CySA+ CS0-003 (V3) Practice Question

During a weekend ransomware attack, multiple file servers and an on-prem email cluster were encrypted. By Monday morning, operations are partially restored, and you, as the incident response lead, must submit an executive-level incident report before senior management meets with regulators. The vice president of legal says the board needs to "clearly understand how far the attackers got" before deciding on public disclosure. Given this objective, which single section of the report deserves the greatest level of detail to communicate the incident's scope?

  • Root cause analysis outlining the initial compromise vector

  • Chronological timeline of containment and recovery actions

  • Inventory of affected systems, data classifications, and business processes

  • Mean time to detect and mean time to respond metrics for the incident

CompTIA CySA+ CS0-003 (V3)
Reporting and Communication
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

SAVE $51
$425.00 $374.00
SAVE $57
CompTIA Cybersecurity Analyst Voucher with Retake
CySA+ / v3 / CS0-003
Includes Retake
$474.00 $417.00
Bash, the Crucial Exams Chat Bot
AI Bot