Notifications
Clear all
Topic starter
19/10/2022 4:18 am
A cyber-incident response analyst is investigating a suspected cryptocurrency miner on a company's server.
Which of the following is the FIRST step the analyst should take?
- A . Create a full disk image of the server's hard drive to look for the file containing the malware.
- B . Run a manual antivirus scan on the machine to look for known malicious software.
- C . Take a memory snapshot of the machine to capture volatile information stored in memory.
- D . Start packet capturing to look for traffic that could be indicative of command and control from the miner.
Suggested Answer: D