Notifications
Clear all
Topic starter
08/06/2022 2:13 am
A security analyst observes the following while looking through network traffic in a company's cloud log:
Which of the following steps should the security analyst take FIRST?
- A . Quarantine 10.0.5.52 and run a malware scan against the host.
- B . Access 10.0.5.52 via EDR and identify processes that have network connections.
- C . Isolate 10.0.50.6 via security groups.
- D . Investigate web logs on 10.0.50.6 to determine if this is normal traffic.
Suggested Answer: D