Which of those hosts should you try to remediate first?

156-315.81 V4 0 Comments

During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity.

Which of those hosts should you try to remediate first?
A . Host having a Critical event found by Threat Emulation
B . Host having a Critical event found by IPS
C . Host having a Critical event found by Antivirus
D . Host having a Critical event found by Anti-Bot

Answer: D

Explanation:

The host having a Critical event found by Anti-Bot should be remediated first, as it indicates that the host is infected by a botnet malware that is communicating with a Command and Control server. This poses a serious threat to the network security and data integrity. The other events may indicate potential malware infection or attack attempts, but not necessarily successful ones.

Reference: Threat Prevention Administration Guide

Latest 156-315.81 Dumps Valid Version with 465 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 156-315.81 PDF     156-315.81 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments