Free CompTIA Security+ SY0-701 Practice Question

A cybersecurity analyst has been notified of an active exploitation of a critical vulnerability within the organization's public facing web application. Which of the following incident response steps should the analyst perform FIRST?

  • Isolate the affected systems to prevent potential spread.

  • Inform senior management and other relevant stakeholders about the incident.

  • Conduct a lessons learned meeting to review the incident response process.

  • Initiate the recovery process to restore systems to normal operation.

This question's topic:
CompTIA Security+ SY0-701 / 
Security Operations
Your Score:

Check or uncheck an objective to set which questions you will receive.