Which of the following is the BEST way to isolate and triage the host?

A security analyst is investigate an no client related to an alert from the threat detection platform on a host (10.0 1.25) in a staging environment that could be running a crypto mining tool because it in sending traffic to an IP address that are related to Bitcoin.

The network rules for the instance are the following:

Which of the following is the BEST way to isolate and triage the host?
A . Remove rules 1.2. and 3.
B. Remove rules 1.2. 4. and 5.
C. Remove rules 1.2. 3.4. and 5.
D. Remove rules 1.2. and 5.
E. Remove rules 1.4. and 5.
F. Remove rules 4 and 5

Answer: C

Explanation:

The best way to isolate and triage the host is to remove rules 1, 2, 3, 4, and

Latest CS0-002 Dumps Valid Version with 220 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments