New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 Certified in Cybersecurity Exam - Topic 1 Question 9 Discussion

Actual exam question for ISC2's Certified in Cybersecurity exam
Question #: 9
Topic #: 1
[All Certified in Cybersecurity Questions]

A company network has been infected with malware and all its servers are down. What is the first step that the Disaster Recovery team should take to restore the systems?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Franklyn at Nov 20, 2025, 01:26 AM

Limited Time Offer

25%

Off

Get Premium Certified in Cybersecurity Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Abraham
12 hours ago
I think B) is more important to understand the damage.
upvoted 0 times
...
Sabine
6 days ago
Definitely A) Disconnect the affected systems first!
upvoted 0 times
...
Sharmaine
11 days ago
Disconnect the systems? What is this, the 90s? Clearly the answer is to throw the whole network in the trash and start over.
upvoted 0 times
...
Teddy
16 days ago
D? Really? Calling the cops first? That's just going to slow down the recovery process.
upvoted 0 times
...
Jill
21 days ago
B sounds like the logical first step to me. Gotta assess the damage before taking action.
upvoted 0 times
...
Hubert
26 days ago
I'd go with C. Restoring from backups is the best way to get systems back up and running.
upvoted 0 times
...
Roxane
1 month ago
Definitely A. Disconnect those infected systems ASAP to prevent further spread!
upvoted 0 times
...
Nan
1 month ago
I recall a practice question where contacting law enforcement was the first step, but I think that might be more of a follow-up action after securing the systems.
upvoted 0 times
...
Colton
1 month ago
I'm not entirely sure, but I remember something about assessing the damage first. Maybe conducting a risk assessment is important before taking any other actions?
upvoted 0 times
...
Dahlia
2 months ago
I think the first step should be to disconnect the affected systems from the network to prevent further spread of the malware. That seems like a common practice in similar scenarios.
upvoted 0 times
...
Sylvia
2 months ago
I'm a bit confused on the best order of steps here. I think I'd start by disconnecting the affected systems, then do the risk assessment, and then focus on restoring from backups. But I'm not 100% sure.
upvoted 0 times
...
Avery
2 months ago
Contacting law enforcement to investigate the cyberattack seems like a good idea, but I'm not sure if that should be the very first step. Securing the systems and restoring operations should come first.
upvoted 0 times
...
Shawana
2 months ago
I think the first step is A. Disconnecting stops the spread.
upvoted 0 times
...
Joye
2 months ago
Restoring data from backup systems is probably the key to getting the systems back up and running quickly. That should be the top priority in my opinion.
upvoted 0 times
...
Sharita
3 months ago
True, but if we don’t disconnect, it’s pointless. A is key.
upvoted 0 times
...
Lawana
3 months ago
I feel like restoring data from backups is crucial, but that might come later. We definitely need to address the immediate threat first.
upvoted 0 times
...
Rebeca
3 months ago
Hmm, I'm not sure. Conducting a risk assessment to determine the extent of the damage seems important too, so we can plan the recovery process effectively.
upvoted 0 times
...
Iluminada
3 months ago
I think the first step would be to disconnect the affected systems from the network to prevent the malware from spreading further. That seems like the most urgent priority.
upvoted 0 times
Lisha
2 months ago
I agree, disconnecting is crucial to stop the spread.
upvoted 0 times
...
...

Save Cancel