Alerts have been received from the SIEM, indicating infections on multiple computers. Based on threat characteristics, these files were quarantined by the host-based antivirus program. At the same time, additional alerts in the SIEM show multiple blocked URLs from the address of the infected computers; the URLs were classified as uncategorized. The domain location of the IP address of the URLs that were blocked is checked, and it is registered to an ISP in Russia. Which of the following steps should be taken NEXT?

🎲 Try a Random Question | Total Questions in Quiz: 267 | 🧠 Study this quiz with Flashcards

This question is part of a full practice quiz:

CompTIA Cybersecurity Analyst Plus CySA+ CS0-001 Questions — practice the complete quiz, review flashcards, or try a random question.

🧠 Flashcards (fast review) 🧪 Practice Quiz ⚔️ Challenge a Friend 🥊 📊 View Stats

The exam objectives for the CompTIA CySA+ certification exam includes threat management, cyber incident response, vulnerability, and security architecture and tool sets.. The CompTIA CySA+ exam is meant to be combined with PenTest+ to bridge the gap between the CompTIA Security+ exam, which is more generalized and a step-down, and the CompTIA Advanced Security Practitioner (CASP+), which is the highest-level certification that CompTIA offers within the Cybersecurity pathway. The CompTIA CySA+ is more affordable, in-depth and hands-on than the CEH. The CEH, however, is more well-known and... Show more

The exam objectives for the CompTIA CySA+ certification exam includes threat management, cyber incident response, vulnerability, and security architecture and tool sets..

The CompTIA CySA+ exam is meant to be combined with PenTest+ to bridge the gap between the CompTIA Security+ exam, which is more generalized and a step-down, and the CompTIA Advanced Security Practitioner (CASP+), which is the highest-level certification that CompTIA offers within the Cybersecurity pathway.

The CompTIA CySA+ is more affordable, in-depth and hands-on than the CEH. The CEH, however, is more well-known and respected by employers. While both exams share similar exam objectives, the CySA+ has some hands-on simulations/problems where the CEH is multiple choice.
Show less

Alerts have been received from the SIEM, indicating infections on multiple computers. Based on threat characteristics, these files were quarantined by the host-based antivirus<br/> program. At the same time, additional alerts in the SIEM show multiple blocked URLs from the address of the infected computers; the URLs were classified as uncategorized. The<br/> domain location of the IP address of the URLs that were blocked is checked, and it is registered to an ISP in Russia. Which of the following steps should be taken NEXT?

Remove those computers from the network and replace the hard drives. Send the infected hard drives out for investigation.
Install a computer with the same settings as the infected computers in the DMZ to use as a honeypot. Permit the URLs classified as uncategorized to and from that host.
Run a full antivirus scan on all computers and use Splunk to search for any suspicious activity that happened just before the alerts were received in the SIEM.
Run a vulnerability scan and patch discovered vulnerabilities on the next pathing cycle. Have the users restart their computers. Create a use case in the SIEM to monitor failed<br/> logins on the infected computers.

❤ If you liked Fatskills, consider supporting us by checking out The Life Manuals You Never Got.

About | Explore | User Guide | Topics | Subjects | Doubt Solver | Career Aptitude Test | Answers | Free Tools | What Should We Know?
Privacy | Terms |

Without work one finishes nothing. - Ralph Waldo Emerson
© 2026 Fatskills.com

All trademarks, logos and brand names are the property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, trademarks and brands does not imply endorsement.

❤ If you liked Fatskills, consider supporting us by checking out The Life Manuals You Never Got.

About | Explore | User Guide | Topics | Subjects | Doubt Solver | Career Aptitude Test | Answers | Free Tools | What Should We Know? Privacy | Terms |

Without work one finishes nothing. - Ralph Waldo Emerson© 2026 Fatskills.com

All trademarks, logos and brand names are the property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, trademarks and brands does not imply endorsement.

About | Explore | User Guide | Topics | Subjects | Doubt Solver | Career Aptitude Test | Answers | Free Tools | What Should We Know?
Privacy | Terms |

Without work one finishes nothing. - Ralph Waldo Emerson
© 2026 Fatskills.com