Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

  1. Home
  2. Discussions
  3. CompTIA
  4. CompTIA CySA+
  5. CS0-003 Discussions
  6. CS0-003 Exam Topic 15 Question 140 Discussion

CompTIA CyberSecurity Analyst CySA+ Certification Exam CS0-003 Question # 140 Topic 15 Discussion

 CompTIA Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

CompTIA CyberSecurity Analyst CySA+ Certification Exam CS0-003 Question # 140 Topic 15 Discussion

CS0-003 Exam Topic 15 Question 140 Discussion:
Question #: 140
Topic #: 15

A security alert was triggered when an end user tried to access a website that is not allowed per organizational policy. Since the action is considered a terminable offense, the SOC analyst collects the authentication logs, web logs, and temporary files, reflecting the web searches from the user ' s workstation, to build the case for the investigation. Which of the following is the best way to ensure that the investigation complies with HR or privacy policies?
A.

Create a timeline of events detailinq the date stamps, user account hostname and IP information associated with the activities

B.

Ensure that the case details do not reflect any user-identifiable information Password protect the evidence and restrict access to personnel related to the investigation

C.

Create a code name for the investigation in the ticketing system so that all personnel with access will not be able to easily identity the case as an HR-related investigation

D.

Notify the SOC manager for awareness after confirmation that the activity was intentional

Get Premium CS0-003 Questions
Actual exam question for CompTIA CS0-003 exam by Phoenix6687 at May 28, 2026, 8:09:17 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next