Which of the following should the analyst do?

CS0-002 0 Comments

A security analyst is investigating malicious traffic from an internal system that attempted to download proxy avoidance software as identified from the firewall logs but the destination IP is blocked and not captured.

Which of the following should the analyst do?
A . Shut down the computer
B . Capture live data using Wireshark
C . Take a snapshot
D . Determine if DNS logging is enabled.
E . Review the network logs.

Answer: A

Latest CS0-002 Dumps Valid Version with 220 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CS0-002 PDF     CS0-002 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments