Question: You are responsible for forensic investigations in your organization.You have been tasked with investigating a compromised virtual application server. Becase a revenue generating application runs on the server, the server needs to be returned to service as quickly as possible.

1. Restore the server from backup immediately.
2. Take the server offline until your investigation is complete.
3. Take a snapshot of the compromised virtual server for your investigation.
4. Restart the server. Remediate the issue after business hours.

Answer: The correct answer of the above question is Option C:Take a snapshot of the compromised virtual server for your investigation.