A security analyst is responding to an incident that involves a malicious attack on a network data closet. Which of the following best explains how the analyst should properly document the incident?
A. Back up the configuration file for all network devices.
B. Record and validate each connection.
C. Create a full diagram of the network infrastructure.
I understand the confusion. They are talking about network and malicious attack, so we assume it is logical. However, it is mentioned that a network data closet (a physical room in a building) was maliciously attacked, i.e., cables ripped, hardware devices snatched or broken. This is a physical attack that happened to a network data room. Pictures can be taken with a camera for investigation. Hope this helps.
Horrible question. Assuming this is a physical closet then yes, take photos, but that is not necessarily obvious from how it is written. Do better, CompTIA.
Network data closets are often targets for physical attacks because they contain critical networking hardware.
Malicious activities in these environments often involve actions like:
Unplugging or rerouting cables.
Physically damaging network devices.
Adding unauthorized devices (e.g., rogue access points or keyloggers).
Tampering with configurations by accessing network devices physically.
In this case, documenting the incident by taking photos of the impacted items (option D) would be appropriate because it helps capture evidence of physical tampering or damage, which would be relevant in a physical security breach.
Taking photos is a direct way to document the physical state of the impacted items after an incident. This can provide an immediate and clear visual record of the scene as it was found, which can be crucial for subsequent investigations and for understanding what occurred. This documentation can be especially valuable if there is any physical damage or if there are indicators of how the attackers gained access or what they might have done while inside.
In the context of a malicious attack on a network data closet, recording and validating each connection (Option B) would be crucial for understanding the scope of the incident, identifying potential points of compromise, and facilitating remediation efforts.
AndreasH (Highly Voted, 1 year, 2 months ago)
PatrickH (1 year ago)
Instguy (1 year, 2 months ago)
JAlexander35 (9 months, 2 weeks ago)
Susan4041 (Most Recent, 1 month ago)
Susan4041 (1 month ago)
study_study (3 months, 2 weeks ago)
Freshly (5 months, 3 weeks ago)
cy_analyst (7 months ago)
kinny4000 (7 months ago)
section8santa (1 year, 1 month ago)
Franky30 (1 year, 1 month ago)