CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

During an incident response activity, your team has successfully isolated the affected systems to prevent further spread of the incident. What is the NEXT best step to evaluate in order to determine the priority for containment and recovery procedures?

  • Determine the scope of affected systems beyond those already isolated.

  • Assess the impact of the incident in terms of data loss, service disruption, and damage to assets.

  • Continue gathering evidence to pinpoint the initial entry point of the attackers.

  • Begin the eradication process by removing the threat actor's presence from the network.

This question is for objective:
Incident Response and Management
Your Score:
Incident Response and Management
Security Operations
Vulnerability Management
Reporting and Communication