Free CompTIA Security+ SY0-701 Practice Question
During a routine inspection, you discover that several computers on the network are communicating with known malicious external IP addresses. What is the MOST effective immediate action to take to minimize the potential impact on the network?
Isolate the affected computers from the network and assess the scope of the compromise.
Shut down the entire network to prevent any data exfiltration or further infections.
Disconnect the affected computers from the internet but allow them to remain on the local network for further analysis.
Immediately update the antivirus software on all network computers to prevent the spread of malware.
This question's topic:
CompTIA Security+ SY0-701 /
Security Operations
SAVE $49