Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. CompTIA
  4. CompTIA CySA+
  5. CS0-003 Discussions
  6. CS0-003 Exam Topic 3 Question 27 Discussion
 CompTIA Discussions
Exam CS0-003 All Questions
Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam

Go to Exam

CompTIA CySA+ CS0-003 Question # 27 Topic 3 Discussion

CS0-003 Exam Topic 3 Question 27 Discussion:
Question #: 27
Topic #: 3

An attacker recently gained unauthorized access to a financial institution's database, which contains confidential information. The attacker exfiltrated a large amount of data before being detected and blocked. A security analyst needs to complete a root cause analysis to determine how the attacker was able to gain access. Which of the following should the analyst perform first?
A.

Document the incident and any findings related to the attack for future reference.

B.

Interview employees responsible for managing the affected systems.

C.

Review the log files that record all events related to client applications and user access.

D.

Identify the immediate actions that need to be taken to contain the incident and minimize damage.

Get Premium CS0-003 Questions
Actual exam question for CompTIA CS0-003 exam by Kai13393 at May 2, 2026, 9:44:42 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit