CompTIA Security+ SY0-701 Practice Question

During an incident response, your team has detected a compromised system that is a part of the network. Which of the following actions is the BEST initial containment strategy to minimize the spread of an attack while preserving the state of the system for further investigation?

  • Applying all missing patches to the affected system

  • Rebooting the system to remove the attack components

  • Changing all user passwords immediately

  • Isolating the affected system from the network

CompTIA Security+ SY0-701
Security Operations
Your Score:
Settings & Objectives

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot