Forums
Dumps Discussion
CompTIA
CAS-004
Which of the follow...
 
Notifications
Clear all

Which of the following response actions should the analyst take FIRST?

 
CAS-004
Last Post by Isreal 1 year ago
1 Posts
1 Users
0 Likes
136 Views
RSS
 Isreal
(@baumgarnerisreal)
Noble Member
Joined: 1 year ago
Posts: 677
Topic starter 26/05/2022 11:29 am  

A security analyst notices a number of SIEM events that show the following activity:

Which of the following response actions should the analyst take FIRST?

  • A . Disable powershell.exe on all Microsoft Windows endpoints.
  • B . Restart Microsoft Windows Defender.
  • C . Configure the forward proxy to block 40.90.23.154.
  • D . Disable local administrator privileges on the endpoints.

Show Answer Hide Answer

Suggested Answer: A

   
Quote
Topic Tags
CompTIA CASP+

Latest CompTIA CAS-004 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
Instant Download PDF
Forum Jump:
  Previous Topic
Related Topics
Topic Tags:  CompTIA CASP+ (187) ,
Share: