Which of the following should be the NEXT step in this incident response?

CS0-002 V2

Last Post by Gonzalo 2 years ago

1 Posts

1 Users

0 Likes

71 Views

RSS

Gonzalo

(@kossmangonzalo)

Posts: 715

Noble Member

Topic starter

The SOC has received reports of slowness across all workstation network segments. The currently installed antivirus has not detected anything, but a different anti-malware product was just downloaded

and has revealed a worm is spreading

Which of the following should be the NEXT step in this incident response?

A . Enable an ACL on all VLANs to contain each segment
B. Compile a list of loCs so the IPS can be updated to halt the spread.
C. Send a sample of the malware to the antivirus vendor and request urgent signature creation.
D. Begin deploying the new anti-malware on all uninfected systems.

Show Answer Hide Answer

Suggested Answer: A

Posted : 02/11/2022 8:03 am

Topic Tags

CompTIA CySA+

Latest CS0-002 V2 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PDF

Forum Jump:

Previous Topic

Next Topic