Question: You are responsible for forensic investigations in your organization.You have been tasked with investigating a compromised virtual application server. Becase a revenue generating application runs on the server, the server needs to be returned to service as quickly as possible.
- Restore the server from backup immediately.
- Take the server offline until your investigation is complete.
- Take a snapshot of the compromised virtual server for your investigation.
- Restart the server. Remediate the issue after business hours.
Answer: The correct answer of the above question is Option C:Take a snapshot of the compromised virtual server for your investigation.