Free CompTIA Security+ SY0-701 Practice Question

Following the detection of aberrant behavior on a critical server that correlates with a known vulnerability alert, what immediate action should an analyst take to best mitigate the risk while preserving the ability to investigate the incident?

  • Examine audit trails and security event log entries to identify any indicators of compromise.

  • Configure the surveillance tools to collect more granular information for a potential forensics analysis.

  • Isolate the server by moving it to a quarantine network.

  • Patch the server immediately with the latest updates available for the suspected vulnerability.

This question's topic:
CompTIA Security+ SY0-701 / 
Security Operations
Your Score:

Check or uncheck an objective to set which questions you will receive.