CompTIA Server+ (SK0-005) — Question 332

Which of the following are measures that should be taken when a data breach occurs? (Choose two.)

Answer options

• A. Restore the data from backup.
• B. Disclose the incident.
• C. Disable unnecessary ports.
• D. Run an antivirus scan.
• E. Identify the exploited vulnerability.
• F. Move the data to a different location.

Correct answer: B, E

Explanation

Disclosing the incident is crucial for transparency and compliance with legal obligations, while identifying the exploited vulnerability helps prevent future breaches. The other options, such as restoring data or running antivirus scans, may be important but do not directly address the immediate response to the breach itself.