CS0-003 · Question #406
CS0-003 Question #406: Real Exam Question with Answer & Explanation
Sign in or unlock CS0-003 to reveal the answer and full explanation for question #406. The question stem and answer options stay visible for context.
Question
An attacker recently gained unauthorized access to a financial institution's database, which contains confidential information. The attacker exfiltrated a large amount of data before being detected and blocked. A security analyst needs to complete a root cause analysis to determine how the attacker was able to gain access. Which of the following should the analyst perform first?
Options
- ADocument the incident and any findings related to the attack for future reference.
- BInterview employees responsible for managing the affected systems.
- CReview the log files that record all events related to client applications and user access.
- DIdentify the immediate actions that need to be taken to contain the incident and minimize damage.
Unlock CS0-003 to see the answer
You've previewed enough free CS0-003 questions. Unlock CS0-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.