Exam CS0-002 topic 1 question 387 discussion

Answer B

markfu gives a valid answer as to why it cannot be the D... There is no indication that there is a Cryptomining malware. It is true that there is a process running but it may be due to a poorly planned process, for example or some other reason. The root cause should be investigated first and then fixed. Therefore the most logical answer is B

B is the best answer. Isolate, backup, and then you can start analyze. You can't just assume it's crypto mining and start working on it.

it say next step not final step so looking at all the options i think B matches the request of the question,

You can't sign into a server bc of resource usage and that means it's cryptomining? lol. Get it to a state where you can log in and do an analysis.

Answer D Explanation: Cryptomining malware can cause performance issues, increased energy consumption, overheating, or hardware damage1 The analyst encountered cryptomining malware on the web server, as indicated by the following signs: - analyst was unable to log in remotely or on the console, as the malware blocked access to prevent detection or removal. -The console messages showed that the server was running out of memory and CPU resources, as the malware consumed all available resources for mining. - The best step for the analyst to take next is to reboot the server and disable any cron jobs or startup scripts that start the mining software. This can help stop the mining activity and restore access to the server. The analyst should also scan the server for any other traces of malware and remove them

You need to analyse first

i go for A

I found this: https://www.dumpspedia.com/cs0-002-comptia-cysap-certification-exam-cs0-002-dumps.html

I think it's A. we need to identify the situation first, anyway, help is needed if someone can hear me!