ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-003 All Questions

View all questions & answers for the CAS-003 exam
Go to Exam

Exam CAS-003 topic 1 question 176 discussion

Actual exam question from CompTIA's CAS-003
Question #: 176
Topic #: 1
[All CAS-003 Questions]

An organization has recently deployed an EDR solution across its laptops, desktops, and server infrastructure. The organization's server infrastructure is deployed in an IaaS environment. A database within the non-production environment has been misconfigured with a routable IP and is communicating with a command and control server.
Which of the following procedures should the security responder apply to the situation? (Choose two.)

  • A. Contain the server.
  • B. Initiate a legal hold.
  • C. Perform a risk assessment.
  • D. Determine the data handling standard.
  • E. Disclose the breach to customers.
  • F. Perform an IOC sweep to determine the impact.
Show Suggested Answer Hide Answer
Suggested Answer: AF 🗳️
by Aixelsyd at June 11, 2021, 10:30 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AB1938
3 years, 1 month ago
Selected Answer: AF
A & F. Incident Response Steps: Prepare, identify/detect, contain... Security analyst has detected the issue, now it's containment time. Hence, A. EDR can run a sweep/query based on IOCs, hash values, etc - Hence F. Why not B - legal hold is sent to an organization by its legal department to not erase certain info because of ongoing legal case or the one that is imminent. Neither of the two are described in this scenario nor would the security analyst know about it, this is more of a cybersec or infosec director's place, at least where I've worked.
upvoted 1 times
...
vorozco
3 years, 2 months ago
Selected Answer: AF
A. Contain the server. F. Perform an IOC sweep to determine the impact.
upvoted 1 times
...
Aixelsyd
3 years, 10 months ago
Other sources say B: Legal hold, but A feels right to me.
upvoted 3 times
D1960
3 years, 7 months ago
I am not seeing where any legalities are involved.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago