You are working as a cybersecurity analyst for a 3rd party contractor. You have been brought in by an organization who believes they were hacked by a malicious actor. Their internal security team has hired you to determine the impact of the unauthorized access. At the time of the intrusion there were 5 servers online: DEV_APP_001, PRD_APP_002, PRD_DB_008, STG_DB_004 and FINANCE_009. What step should you take to begin the analysis?

  • Begin analyzing each server after prioritizing them based on the data stored on each server
  • Begin hardening all servers immediately before the impact analysis starts
  • Create a snapshot backup and then reformat each server
  • Create a new server running Kali Linux and make necessary firewall changes to allow it to access all the listed servers

CompTIA Security+ SY0-601
  • Attacks, Threats, and Vulnerabilities
  • Architecture and Design
  • Implementation
  • Operations and Incident Response
  • Governance, Risk, and Compliance
    • This question is filed here