CompTIA
CAS-003 · Question #597
CAS-003 Question #597: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #597. The question stem and answer options stay visible for context.
Question
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would BEST to improve the incident response process?
Options
- AUpdating the playbook with better decision points
- BDividing the network into trusted and untrusted zones
- CProviding additional end-user training on acceptable use
- DImplementing manual quarantining of infected hosts
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.