An organization has recently deployed an EDR solution across its laptops, desktops, and server infrastructure. The organization’s server infrastructure is deployed in an IaaS environment. A database within the non-production environment has been misconfigured with a routable IP and is communicating with a command and control server.
Which of the following procedures should the security responder apply to the situation? (Choose two.)
A. Contain the server
B. Initiate a legal hold.
C. Perform a risk assessment.
D. Determine the data handling standard.
E. Disclose the breach to customers.
F. Perform an IOC sweep to determine the impact.
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
A. Contain the server
F. Perform an IOC sweep to determine the impact.
https://vceguide.com/which-of-the-following-procedures-should-the-security-responder-apply-to-the-situation/
A. Contain the server
F. Perform an IOC sweep to determine the impact.
https://blog.infogressive.com/6-phases-of-incident-response
https://vceguide.com/which-of-the-following-procedures-should-the-security-responder-apply-to-the-situation/