Multiple Choice
An Incident Responder documented the scope of a recent outbreak by reviewing the incident in the ATP manager. Which two entity relationship examples should the responder look for and document from the Incident Graph? (Choose two.)
A) An intranet website that is experiencing an increase in traffic from endpoints in a smaller branch office.
B) A server in the DMZ that was repeatedly accessed outside of normal business hours on the weekend.
C) A network share is repeatedly accessed during and after an infection indicating a more targeted attack.
D) A malicious file that was repeatedly downloaded by a Trojan or downloader that infected multiple endpoints.
E) An external website that was the source of many malicious files.
Correct Answer:
Verified
Correct Answer:
Verified
Q50: An Incident Responder documented the scope of
Q51: A divisional executive requests a report of
Q52: What is the default action for a
Q53: Which SEP technology does an Incident Responder
Q54: Which two locations can the administrator verify
Q56: Which service is compatible with Automatic Remediation
Q57: Which section of the sysinfo file would
Q58: You're the administrator of a large storage
Q59: An administrator is attempting to uninstall a
Q60: When working on Storage Foundation 5.0 on