CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

During the recovery phase of an incident, you must restore a group of affected systems. All machines have a recent, verified clean backup available. However, you have been informed that a persistent threat actor had previously established a foothold in the network. What is the BEST step to ensure the re-imaging process prevents the actor from regaining access to the systems?

  • Perform a bare-metal restore and immediately reconnect systems to the network.

  • Only install the latest security patches on the systems prior to re-imaging processes.

  • Integrate additional monitoring tools during the re-imaging process to increase surveillance.

  • Re-image systems with the clean backup and modify default credentials and access controls before reconnection.

Subscribe to avoid duplicate questions and track your progress over time
This question is for objective:
Incident Response and Management
Your Score:
Incident Response and Management
Security Operations
Vulnerability Management
Reporting and Communication