Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

  1. Home
  2. Discussions
  3. CompTIA
  4. CompTIA CySA+
  5. CS0-003 Discussions
  6. CS0-003 Exam Topic 14 Question 134 Discussion

CompTIA CyberSecurity Analyst CySA+ Certification Exam CS0-003 Question # 134 Topic 14 Discussion

 CompTIA Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

CompTIA CyberSecurity Analyst CySA+ Certification Exam CS0-003 Question # 134 Topic 14 Discussion

CS0-003 Exam Topic 14 Question 134 Discussion:
Question #: 134
Topic #: 14

The SOC received a threat intelligence notification indicating that an employee ' s credentials were found on the dark web. The user ' s web and log-in activities were reviewed for malicious or anomalous connections, data uploads/downloads, and exploits. A review of the controls confirmed multifactor

authentication was enabled. Which of the following should be done first to mitigate impact to the business networks and assets?
A.

Perform a forced password reset.

B.

Communicate the compromised credentials to the user.

C.

Perform an ad hoc AV scan on the user ' s laptop.

D.

Review and ensure privileges assigned to the user ' s account reflect least privilege.

E.

Lower the thresholds for SOC alerting of suspected malicious activity.

Get Premium CS0-003 Questions
Actual exam question for CompTIA CS0-003 exam by Kai3198 at May 24, 2026, 6:38:46 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next