CompTIA Security+ SY0-701 Practice Question

An organization has noticed an unusual amount of traffic to a legacy server. Upon investigation, it was discovered that a service account has been used to elevate permissions and install unauthorized software. Which of the following should be the FIRST step in the incident response process to handle this situation?

  • Eradication

  • Preparation

  • Recovery

  • Containment

CompTIA Security+ SY0-701
Security Operations
Your Score:
Settings & Objectives

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot