IISFA Exam II0-001 Topic 6 Question 71 Discussion

Actual exam question for IISFA's II0-001 exam

Question #: 71
Topic #: 6

It has been determined that a system on your network has been compromised. What should you do on your IDS and firewalls as soon as possible?

AVerify a sniffer hasn't been installed on the compromised system

BVerify the IDS' & Firewalls haven't been compromised, as well

CReboot the IDS', firewalls and compromised systems for a clean startup

DVerify all systems are using the same NTP server - document any issues

Show Suggested Answer

Suggested Answer: D

by Terrilyn at Jul 09, 2023, 09:26 PM

Limited Time Offer

25%

Off

Get Premium II0-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lashon

1 months ago

I'm going with B. Checking the IDS and firewalls is like locking the doors and windows before you start cleaning up a mess - gotta make sure the bad guys can't get back in!

upvoted 0 times

Aliza

8 days ago

User 3: I think verifying the IDS' & Firewalls is a smart first step to take.

upvoted 0 times

...

Rolf

13 days ago

User 2: Definitely, we need to make sure the bad guys can't sneak back in.

upvoted 0 times

...

Gwenn

24 days ago

User 1: I agree, checking the IDS and firewalls is crucial to prevent further compromise.

upvoted 0 times

...

Sunshine

2 months ago

B is the obvious choice. Gotta make sure the IDS and firewalls are secure before you can even think about anything else. Wouldn't want to miss the real culprit while chasing a red herring!

upvoted 0 times

...

Glory

2 months ago

Hmm, I'm not sure about D. Verifying NTP synchronization is important, but it's not the most pressing issue here. B seems like the way to go to me.

upvoted 0 times

Bernardine

25 days ago

User 3: Definitely, let's focus on securing our defenses first.

upvoted 0 times

...

Laticia

1 months ago

User 2: Agreed, that should be our first priority to make sure they haven't been compromised.

upvoted 0 times

...

Owen

1 months ago

User 1: I think we should go with option B and verify the IDS' & Firewalls.

upvoted 0 times

...

King

2 months ago

I'm leaning towards C. A clean reboot could help stop any ongoing malicious activity on the compromised system. Plus, it's better to be safe than sorry, right?

upvoted 0 times

Nu

2 days ago

I would also go with C. It's better to be safe than sorry.

upvoted 0 times

...

Angella

10 days ago

I agree, a clean reboot could help prevent further damage.

upvoted 0 times

...

Chun

18 days ago

B) Verify the IDS' & Firewalls haven't been compromised, as well

upvoted 0 times

...

Lenny

23 days ago

I think C is a good choice. It's important to start fresh.

upvoted 0 times

...

Stephaine

29 days ago

A) Verify a sniffer hasn't been installed on the compromised system

upvoted 0 times

...

Asha

2 months ago

We should also check for any sniffers on the compromised system to prevent further data leakage.

upvoted 0 times

...

Delbert

2 months ago

Definitely go with option B. Checking the integrity of the IDS and firewalls is crucial before taking any other action. Can't have the watchdog getting compromised too!

upvoted 0 times