CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

Your team has identified a breach in progress on an endpoint device within the company's network. What is the FIRST step you should take to isolate this device while minimizing the potential for disruption to your organization's operations?

  • Enable the firewall on the device immediately

  • Disconnect the device from the network

  • Power off the device to prevent data loss

  • Physically remove the device from the office

This question's topic:
CompTIA CySA+ CS0-003 / 
Incident Response and Management
Your Score:
Incident Response and Management
Security Operations
Vulnerability Management
Reporting and Communication