CISA Certified Information Systems Auditor – Question1209

Following a successful attack on an organization’s web server, which of the following actions should be performed FIRST?

A.
Review the boundary configuration rules to ensure that outbound packets are limited
B. Evaluate and deploy an intrusion detection system
C. Periodically scan the network for systems with well-known vulnerabilities
D. Establish reference systems using cryptographic checksum tools

Correct Answer: A