🔥 3-day streak
CompTIA CySA+ (CS0-003)28 / 147
Question 28 of 147
A Tier 1 analyst at a hospital detects ransomware activity encrypting files on a shared clinical file server. The organization's incident response plan defines that any incident affecting patient care systems or involving data-encrypting malware must be immediately escalated beyond the SOC. According to sound escalation practice, what should the analyst do FIRST after initial validation?
Reviewed for accuracy · Report an issueNext question