CompTIA Security+ (SY0-601) — Question 383
An analyst is working on an email security incident in which the target opened an attachment containing a worm. The analyst wants to implement mitigation techniques to prevent further spread. Which of the following is the best course of action for the analyst to take?
Answer options
- A. Apply a DLP solution
- B. Implement network segmentation
- C. Utilize email content filtering
- D. Isolate the infected attachment
Correct answer: B
Explanation
Implementing network segmentation is the best strategy as it limits the worm's ability to spread across different network segments. While a DLP solution, email content filtering, and isolating the infected attachment are useful security measures, they do not address the immediate need to contain the worm within isolated sections of the network.