IISFA Exam II0-001 Topic 6 Question 71 Discussion

Actual exam question for IISFA's II0-001 exam

Question #: 71
Topic #: 6

It has been determined that a system on your network has been compromised. What should you do on your IDS and firewalls as soon as possible?

AVerify a sniffer hasn't been installed on the compromised system

BVerify the IDS' & Firewalls haven't been compromised, as well

CReboot the IDS', firewalls and compromised systems for a clean startup

DVerify all systems are using the same NTP server - document any issues

Show Suggested Answer

Suggested Answer: D

by Terrilyn at Jul 09, 2023, 09:26 PM

Limited Time Offer

25%

Off

Get Premium II0-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

King

7 days ago

I'm leaning towards C. A clean reboot could help stop any ongoing malicious activity on the compromised system. Plus, it's better to be safe than sorry, right?

upvoted 0 times

...

Asha

8 days ago

We should also check for any sniffers on the compromised system to prevent further data leakage.

upvoted 0 times

...

Delbert

8 days ago

Definitely go with option B. Checking the integrity of the IDS and firewalls is crucial before taking any other action. Can't have the watchdog getting compromised too!

upvoted 0 times

...