Which of the following is the FIRST step the analyst should take?

CS0-002 V1

Last Post by Lloyd 2 years ago

1 Posts

1 Users

0 Likes

142 Views

RSS

Lloyd

(@salterslloyd)

Noble Member

Joined: 2 years ago

Posts: 746

Topic starter 19/10/2022 4:18 am

A cyber-incident response analyst is investigating a suspected cryptocurrency miner on a company's server.

Which of the following is the FIRST step the analyst should take?

A . Create a full disk image of the server's hard drive to look for the file containing the malware.
B . Run a manual antivirus scan on the machine to look for known malicious software.
C . Take a memory snapshot of the machine to capture volatile information stored in memory.
D . Start packet capturing to look for traffic that could be indicative of command and control from the miner.

Show Answer Hide Answer

Suggested Answer: D

Quote

Topic Tags

CompTIA CySA+

Latest CS0-002 V1 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PDF

Forum Jump:

Previous Topic

Next Topic