Which of the following is the BEST step for a security analyst to take next?

CAS-003 0 Comments

The SOC has noticed an unusual volume of traffic coming from an open WiFi guest network that appears correlated with a broader network slowdown.

The network team is unavailable to capture traffic but logs from network services are available

• No users have authenticated recently through the guest network’s captive portal

• DDoS mitigation systems are not alerting

• DNS resolver logs show some very long domain names

Which of the following is the BEST step for a security analyst to take next?
A . Block all outbound traffic from the guest network at the border firewall
B . Verify the passphrase on the guest network has not been changed.
C . Search antivirus logs for evidence of a compromised company device
D . Review access pent fogs to identify potential zombie services

Answer: A

Latest CAS-003 Dumps Valid Version with 509 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CAS-003 PDF     CAS-003 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments