{"id":35,"date":"2022-11-28T10:56:17","date_gmt":"2022-11-28T10:56:17","guid":{"rendered":"https:\/\/exampracticetests.com\/c\/CAS-004\/comptia-casp-cas-004-question027\/"},"modified":"2022-11-28T10:56:17","modified_gmt":"2022-11-28T10:56:17","slug":"comptia-casp-cas-004-question027","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/c\/CAS-004\/comptia-casp-cas-004-question027\/","title":{"rendered":"CompTIA CASP+ CAS-004 &#8211; Question027"},"content":{"rendered":"<div class=\"question\">While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.<br \/>\nWhich of the following is the NEXT step the analyst should take after reporting the incident to the management team?<br \/><strong><br \/>A.<\/strong> Pay the ransom within 48 hours.<br \/><strong>B.<\/strong> Isolate the servers to prevent the spread.<br \/><strong>C.<\/strong> Notify law enforcement.<br \/><strong>D.<\/strong> Request that the affected servers be restored immediately.<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>B<\/strong><\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,30],"class_list":["post-35","post","type-post","status-publish","format-standard","hentry","category-comptia-casp-cas-004","tag-comptia-casp-cas-004","tag-question-027"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/c\/CAS-004\/wp-json\/wp\/v2\/posts\/35","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/c\/CAS-004\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/c\/CAS-004\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/CAS-004\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/CAS-004\/wp-json\/wp\/v2\/comments?post=35"}],"version-history":[{"count":0,"href":"https:\/\/exampracticetests.com\/c\/CAS-004\/wp-json\/wp\/v2\/posts\/35\/revisions"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/c\/CAS-004\/wp-json\/wp\/v2\/media?parent=35"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/CAS-004\/wp-json\/wp\/v2\/categories?post=35"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/CAS-004\/wp-json\/wp\/v2\/tags?post=35"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}