Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. CompTIA
  4. CompTIA CySA+
  5. CS0-003 Discussions
  6. CS0-003 Exam Topic 11 Question 109 Discussion
 CompTIA Discussions
Exam CS0-003 All Questions
Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam

Go to Exam

CompTIA CySA+ CS0-003 Question # 109 Topic 11 Discussion

CS0-003 Exam Topic 11 Question 109 Discussion:
Question #: 109
Topic #: 11

The SOC received a threat intelligence notification indicating that an employee's credentials were found on the dark web. The user's web and log-in activities were reviewed for malicious or anomalous connections, data uploads/downloads, and exploits. A review of the controls confirmed multifactor

authentication was enabled. Which of the following should be done first to mitigate impact to the business networks and assets?
A.

Perform a forced password reset.

B.

Communicate the compromised credentials to the user.

C.

Perform an ad hoc AV scan on the user's laptop.

D.

Review and ensure privileges assigned to the user's account reflect least privilege.

E.

Lower the thresholds for SOC alerting of suspected malicious activity.

Get Premium CS0-003 Questions
Actual exam question for CompTIA CS0-003 exam by Flint56681 at May 3, 2026, 6:45:06 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit