CompTIA CySA+ CS0-003 Practice Question
You are working as a cybersecurity analyst when you notice a process on a user’s workstation consuming an unusually high percentage of CPU resources and attempting to make outbound network connections. Which action should you take first to determine if this process is malicious?
Capture and analyze the memory snapshot of the process.
Notify senior management about the incident.
Stop the process if it is determined to be harmful.
Evaluate the process name and its associated metadata.