CompTIA
CAS-003 · Question #226
CAS-003 Question #226: Real Exam Question with Answer & Explanation
Question
The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point?
Options
- A. Capture process ID data and submit to anti-virus vendor for review.
- B. Reboot the Linux servers, check running processes, and install needed patches.
- C. Remove a single Linux server from production and place in quarantine.
- D. Notify upper management of a security breach.
- E. Conduct a bit level image, including RAM, of one or more of the Linux servers.