🔥 3-day streak
CompTIA Security+ (SY0-701)111 / 150
Question 111 of 150

After recovering from a ransomware incident, a security team meets to determine why the initial infection succeeded. They discover that an unpatched VPN appliance allowed the attacker's initial access, and they document a plan to enforce a stricter patching SLA for all edge devices. Which incident response activity is the team performing?

Reviewed for accuracy · Report an issueNext question →