CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

Upon concluding the containment and eradication of a sophisticated network intrusion, your team is moving into the recovery and post-incident phases. Identifying priority actions is key to enhancing resilience against future attacks. Which of the following actions is paramount for the organization to perform immediately after restoring services?

  • Initiating a lessons learned session with key response team members to evaluate the incident response effectiveness and outline improvement strategies

  • Implementing new sandboxing techniques for email attachments to prevent similar malware infections

  • Running an immediate full-scale audit on all security systems to check for remaining threats

  • Revising the organization's firewall and network perimeter policies based on the specific attack vectors that were exploited

  • Convening the board of directors to explain the technical details of the attack vector and its mitigation

  • Urgently updating all endpoint protection platforms across the enterprise network

This question is for objective:
Incident Response and Management
Your Score:
Incident Response and Management
Security Operations