CISSP Practice Question (Security Operations - Hard):
During a routine security audit, your organization's security team discovered suspicious network traffic originating from a specific internal host to an external IP address known for malicious activities. Further investigation revealed potential data exfiltration. You have been tasked with initiating an incident response and digital forensics investigation. Which of the following steps should be prioritized in this scenario?
Options:
A. Immediately isolate the internal host from the network to contain the incident.
B. Deploy a network intrusion detection system (NIDS) to monitor the suspicious host's traffic.
C. Obtain a memory dump of the suspicious host for volatile data analysis.
D. Shut down the network firewall to prevent further data exfiltration.
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group