Which of the following should the analyst do FIRST?

CS0-002 V4 0 Comments

While monitoring the information security notification mailbox, a security analyst notices several emails were repotted as spam.

Which of the following should the analyst do FIRST?
A . Block the sender In the email gateway.
B. Delete the email from the company’s email servers.
C. Ask the sender to stop sending messages.
D. Review the message in a secure environment.

Answer: D

Explanation:

The security analyst should review the message in a secure environment first. This will help determine if the message is indeed spam or if it contains any malicious content, such as malware attachments or phishing links. Reviewing the message in a secure environment means using a sandbox or an isolated system that can prevent any potential harm to the analyst’s system or network. If the message is confirmed to be spam or malicious, then the analyst can take further actions, such as blocking the sender, deleting the email, or notifying the users3.

Latest CS0-002 Dumps Valid Version with 220 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CS0-002 PDF     CS0-002 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments