nerdexam
ExamsCV0-003Questions#722
CompTIA

CV0-003 · Question #722

CV0-003 Question #722: Real Exam Question with Answer & Explanation

The correct answer is B: Configure a firewall rule to block the traffic on the affected instance.. The containment phase of a security incident is the first phase of the incident response process. The goal of the containment phase is to limit the impact of the incident and prevent it from One of the most important things to do during the containment phase is to block the traff

Security

Question

Which of the following actions should a systems administrator perform during the containment phase of a security incident in the cloud?

Options

  • ADeploy a new instance using a known-good base image.
  • BConfigure a firewall rule to block the traffic on the affected instance.
  • CPerform a forensic analysis of the affected instance.
  • DConduct a tabletop exercise involving developers and systems administrators.

Explanation

The containment phase of a security incident is the first phase of the incident response process. The goal of the containment phase is to limit the impact of the incident and prevent it from One of the most important things to do during the containment phase is to block the traffic on the affected instance. This will prevent the attacker from communicating with the instance and further compromising the system.

Topics

#incident response#containment phase#firewall rules#cloud security

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CV0-003 Practice