An organization’s IRP prioritizes containment over eradication. An incident has been discovered
where an attacker outside of the organization has installed cryptocurrency mining software on the
organization’s web servers. Given the organization’s stated priorities, which of the following would
be the NEXT step?
Remove the affected servers from the network.
Review firewall and IDS logs to identify possible source IPs.
Identify and apply any missing operating system and software patches.
Delete the malicious software and determine if the servers must be reimaged.
QUESTION NO: 782
During a security audit of a company's network, unsecure protocols were found to be in use. A
network administrator wants to ensure browser-based access to company switches is using the
most secure protocol. Which of the following protocols should be implemented?
CompTIA SY0-501 Exam
"Pass Any Exam. Any Time." -