CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA Security+ SY0-601 Practice Question

During a cybersecurity incident, you suspect that an attacker has tampered with the memory contents of a compromised system to execute unauthorized actions. What is the most appropriate immediate action to preserve the current state of the system's memory for analysis?

  • Reboot the system in a safe mode and install system monitoring software.

  • Run a complete antivirus scan to remove any potential threats before capturing memory contents.

  • Acquire a snapshot of the system's active memory.

  • Power off the system to prevent any further damage or data loss.

Subscribe to avoid duplicate questions and track your progress over time

Your Score:
Operations and Incident Response
Architecture and Design
Governance, Risk, and Compliance
Attacks, Threats, and Vulnerabilities
CompTIA Security+ SY0-601
  • Attacks, Threats, and Vulnerabilities
  • Architecture and Design
  • Implementation
  • Operations and Incident Response
    • This question is filed here
  • Governance, Risk, and Compliance