CompTIA CySA+ (CS0-001) — Question 94
A security analyst's daily review of system logs and SIEM showed fluctuating patterns of latency. During the analysis, the analyst discovered recent intrusion attempts related to malware that overwrites the MBR. The facilities manager informed the analyst that a nearby construction project damaged the primary power lines, impacting the analyst's support systems. The electric company has temporarily restored power, but the area may experience temporary outages.
Which of the following issues should the analyst focus on to continue operations?
Answer options
- A. Updating the ACL
- B. Conducting backups
- C. Virus scanning
- D. Additional log analysis
Correct answer: C
Explanation
The correct answer is C, as conducting virus scanning is crucial to identify and mitigate any malware that might compromise the system, particularly given the recent intrusion attempts. While updating the ACL, conducting backups, and additional log analysis are important, they do not directly address the immediate threat posed by the malware that can overwrite the MBR.