Which of the following should the analyst perform FIRST?

A security analyst is reviewing the logs from an NGFW's automated correlation engine and sees the following:

Which of the following should the analyst perform FIRST?
A. Isolate the compromised host from the network.
B. Clear the logs and see if the same events reoccur.
C. Set up an alert to receive an email notification for all events.
D. Refresh the URL filtering database to ensure accuracy.
E. Set up a packet capture to analyze the unknown TCP and UDP traffic.

Answer: A
