CompTIA Exam CAS-003 Topic 5 Question 30 Discussion

Actual exam question for CompTIA's CAS-003 exam

Question #: 30
Topic #: 5

The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more

than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would BEST to improve the incident response process?

AUpdating the playbook with better decision points

BDividing the network into trusted and untrusted zones

CProviding additional end-user training on acceptable use

DImplementing manual quarantining of infected hosts

Show Suggested Answer

Suggested Answer: C

by Fernanda at May 09, 2022, 12:07 PM

Limited Time Offer

25%

Off

Get Premium CAS-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!