Dell EMC Exam DES-9131 Topic 4 Question 41 Discussion

Actual exam question for Dell EMC's DES-9131 exam

Question #: 41
Topic #: 4

The network security team in your company has discovered a threat that leaked partial data on a compromised file server that handles sensitive information. Containment must be initiated and addresses by the CSIRT.

Service disruption is not a concern because this server is used only to store files and does not hold any critical workload. Your company security policy required that all forensic information must be preserved.

Which actions should you take to stop data leakage and comply with requirements of the company security policy?

ADisconnect the file server from the network to stop data leakage and keep it powered on for further
analysis.

BShut down the server to stop the data leakage and power it up only for further forensic analysis.

CRestart the server to purge all malicious connections and keep it powered on for further analysis.

DCreate a firewall rule to block all external connections for this file server and keep it powered on for further analysis.

Show Suggested Answer

Suggested Answer: C

by Candida at Jun 19, 2022, 06:53 PM

Limited Time Offer

25%

Off

Get Premium DES-9131 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!