Multiple Choice
A critical server was compromised by malware, and all functionality was lost. Backups of this server were taken; however, management believes a logic bomb may have been injected by a rootkit. Which of the following should a security analyst perform to restore functionality quickly?
A) Work backward, restoring each backup until the server is clean
B) Restore the previous backup and scan with a live boot anti-malware scanner
C) Stand up a new server and restore critical data from backups
D) Offload the critical data to a new server and continue operations
Correct Answer:

Verified