Exam CS0-003 topic 1 question 342 discussion

A System Isolation stops malware from spreading, but it doesn’t restore the system. This is an initial containment step, not a business continuity solution. I think the best answer is B. Reimaging, because is the most reliable way to restore a compromised system to a clean state.

Key words "potentially infected". You wouldn't reimage without knowing if it's actually corrupted. Isolating (A) would be the no-brainer 1st step

Business Continuity focuses on keeping the business running after or during a disruption. It answers: "How do we continue operating if this system goes down?" Isolating a compromised server: Incident Response Ensuring operations continue despite the server outage : Business Continuity

The correct answer is: A. System isolation Explanation: When a system that provides the user interface for a critical server is potentially compromised by malware, the first and best step to ensure business continuity and prevent further spread or damage is to isolate the system. • System isolation ensures that the malware cannot communicate with other systems or propagate through the network. • It helps protect critical infrastructure while allowing time for analysis and remediation. • This step maintains business continuity by containing the threat without immediately disrupting other systems.

When a system connected to a critical server is suspected to be compromised by malware, the first and best action to ensure business continuity and prevent further damage is to isolate the system. ⟶Reimaging is a good remediation step, but not appropriate until after containment. You must isolate first to prevent damage or spread.

"potentially infected"

Key is business continuity. System isolation would not ensure continuity.

Ensuring business continuity? ruelgo has it right.