QUESTION:52The network security team in your company has discovered a threat that leaked partialdata on a compromised file server that handles sensitive information. Containment mustbe initiated and addresses by the CSIRT. Service disruption is not a concern because thisserver is used only to store files and does not hold any critical workload. Your companysecurity policy required that all forensic information must be preserved. Which actionsshould you take to stop data leakage and comply with requirements of the companysecurity policy?
Get answer to your question and much more