CompTIA
CV0-003 · Question #769
CV0-003 Question #769: Real Exam Question with Answer & Explanation
Sign in or unlock CV0-003 to reveal the answer and full explanation for question #769. The question stem and answer options stay visible for context.
Security
Question
During a security incident, an IaaS compute instance is detected to send traffic to a host related to cryptocurrency mining. The security analyst handling the incident determines the scope of the incident is limited to that particular instance. Which of the following should the security analyst do NEXT?
Options
- AIsolate the instance from the network into quarantine
- BPerform a memory acquisition in the affected instance
- CCreate a snapshot of the volumes attached to the instance
- DReplace the instance with another from the baseline
Unlock CV0-003 to see the answer
You've previewed enough free CV0-003 questions. Unlock CV0-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#incident response#snapshot forensics#cryptocurrency mining#instance isolation