An organization's IRP prioritizes containment over eradication. An incident has been discovered where an attacker outside of the organization has installed cryptocurrency mining software on the organization's web servers. Given the organization's stated priorities, which of the following would be the NEXT step?
A) Remove the affected servers from the network.
B) Review firewall and IDS logs to identify possible source IPs.
C) Identify and apply any missing operating system and software patches.
D) Delete the malicious software and determine if the servers must be reimaged.
Correct Answer:
Verified
Q458: A company network is currently under attack.
Q459: Which of the following is MOST likely
Q460: The president of a company that specializes
Q461: A systems administrator is receiving multiple alerts
Q462: Which of the following is the MOST
Q464: A security engineer is analyzing the following
Q465: Which of the following represents a multifactor
Q466: An attacker has gathered information about a
Q467: Which of the following documents would provide
Q468: A government organization recently contacted three different
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents