CompTIA CySA+ Cybersecurity Analyst Certification Exam

Question 926 of 1040

An analyst prepares an after action report following an incident in which multiple systems were compromised over several days. The analyst provides raw event logs from each compromised system in the report and determines that a patient-zero system cannot be found. Which of the following should the analyst do to determine the patient-zero system?

Options

  • A Establish an accurate timeline of events.
  • B Enable monitoring on the compromised systems.
  • C Isolate the compromised systems before remediation.
  • D Improve the content for incident updates during shift handoff.
  • E Perform a reverse composition analysis on malware packages.

Discussions

There are currently no published discussions for this question.