Multiple Choice
An organization's IRP prioritizes containment over eradication. An incident has been discovered where an attacker outside of the organization has installed cryptocurrency mining software on the organization's web servers. Given the organization's stated priorities, which of the following would be the NEXT step?
A) Remove the affected servers from the network.
B) Review firewall and IDS logs to identify possible source IPs.
C) Identify and apply any missing operating system and software patches.
D) Delete the malicious software and determine if the servers must be reimaged.
Correct Answer:
Verified
Correct Answer:
Verified
Q78: A security team wants to establish an
Q79: A threat actor motivated by political goals
Q80: Which of the following is the proper
Q81: An organization is providing employees on the
Q82: A company has three divisions, each with
Q84: A network technician is trying to determine
Q85: A chief Financial Officer (CFO) has asked
Q86: During a data breach cleanup, it is
Q87: A systems administrator needs to configure an
Q88: A company wants to configure its wireless