CompTIA CySA+ CS0-003 Practice Question
During an incident response operation, a compromised server needs to be restored to a trusted state. Describe the proper action to re-image the server effectively.
Erase the current system and install a pre-configured, verified clean image
Run a comprehensive antivirus program to clean the malware and then update security patches.
Perform a system restore from the compromised server's own backup files.
Install the latest operating system patches and restore system settings from a recent backup.