nerdexam
GIAC

GISP · Question #480

GISP Question #480: Real Exam Question with Answer & Explanation

The correct answer is B. Preserve the log files for a forensics expert. C. Prevent the company employees from entering the server room. D. Detach the network cable from the database server.. See the full explanation below for the reasoning.

Question

You work as a Network Administrator for NetTech Inc. The company has a network that consists of 200 client computers and ten database servers. One morning, you find that a hacker is accessing unauthorized data on a database server on the network. Which of the following actions will you take to preserve the evidence? Each correct answer represents a complete solution. Choose three.

Options

  • APrevent a forensics experts team from entering the server room.
  • BPreserve the log files for a forensics expert.
  • CPrevent the company employees from entering the server room.
  • DDetach the network cable from the database server.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GISP Practice