CS0-003 Question #618: Real Exam Question with Answer & Explanation
Question
A security analyst is performing a malware analysis on a device and receives the following instructions:
- Reduce the blast radius of the potential threat.
- Preserve forensic data for post-incident analysis.
- If securely possible, preserve connectivity for live analysis.

Which of the following will best help the analyst during the investigation?
Options
- A. Configure an EDR agent to isolate the network with authorized exceptions to the NOC VLAN.
- B. Execute a SOAR playbook to trigger a malware scan on the company's assets.
- C. Use file integrity monitoring to determine if the suspicious file was modified.
- D. Collect the suspicious file using SFTP and reimage the device.