What step should be taken after data is collected, but before equipment is disconnected, if a security breach is found on a system?
- Create a drive image of the system.
- Isolate the infected system.
- Photograph the system.
- Determine if data tampering has occurred.
Exam with this question: CCNA Security Chapter 11 Exam Answers
Please login or Register to submit your answer