After determining the alert was a true positive, which of the following represents the MOST likely cause?

CS0-001 0 Comments

A cybersecurity analyst has received an alert that well-known “call home” messages are continuously observed by network sensors at the network boundary. The proxy firewall successfully drops the messages.

After determining the alert was a true positive, which of the following represents the MOST likely cause?
A . Attackers are running reconnaissance on company resources.
B . An outside command and control system is attempting to reach an infected system.
C . An insider is trying to exfiltrate information to a remote network.
D . Malware is running on a company system.

Answer: B

Latest CS0-001 Dumps Valid Version with 455 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CS0-001 PDF     CS0-001 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments