CompTIA CySA+ CS0-003 Practice Question

Following a security incident where an organization's proprietary data was exfiltrated through an advanced persistent threat (APT), a cybersecurity analyst is tasked with a root cause analysis to prevent future compromises. In reviewing the incident, it was determined that the adversary had been present in the network for several months. Which of the following actions should the analyst prioritize to address the systemic issues that facilitated the prolonged presence of the adversary?

  • Assessing the effectiveness of the organization's threat hunting practices

  • Reviewing the organization's patch management policies and procedures

  • Implementing a strict network segmentation strategy retrospectively

  • Evaluating the encryption methods employed for data at rest within the network

CompTIA CySA+ CS0-003
Incident Response and Management