Network Isolation — CompTIA CySA+ (CS0-003) Practice Questions

Network isolation is a containment and defensive technique that segments a compromised or vulnerable system from the rest of the network to prevent lateral movement, data exfiltration, or further propagation of an attack. The CySA+ exam tests how analysts use VLANs, firewall rules, host-based controls, and switch port disabling to achieve varying degrees of isolation in response to incidents or as a compensating control for unpatched legacy systems. Isolation decisions require balancing the operational need to keep systems accessible against the security imperative to stop an attacker from pivoting deeper into the environment. Analysts must be able to implement network isolation quickly during an active incident and document the action as part of the response record.

Free questions on network isolation

During incident response, a security analyst discovers that ransomware has encrypted critical files across multiple departments. The attacker is demanding payment within 24 hours. What is the FIRST action the analyst should take?
Free question · medium · full answer + explanation
During a security incident, the analyst needs to preserve evidence from a compromised server. Which action should be performed FIRST?
Free question · medium · full answer + explanation

More network isolation questions in the full bank

Practice CompTIA CySA+ (CS0-003) Questions Free