Multiple Choice
Which two non-Symantec methods for restricting traffic are available to the Incident Response team? (Choose two.)
A) Temporarily disconnect the local network from the internet.
B) Create an Access Control List at the router to deny traffic.
C) Analyze traffic using Wireshark protocol analyzer to identify the source of the infection.
D) Create a DNS sinkhole server to block malicious traffic.
E) Isolate computers so they are NOT compromised by infected computers.
Correct Answer:

Verified