Multiple Choice
A scanner detected a malware-infected file on an endpoint that is attempting to beacon to an external site. An analyst has reviewed the IPS and SIEM logs but is unable to identify the file's behavior. Which logs should be reviewed next to evaluate this file further?
A) email security appliance
B) DNS server
C) antivirus solution
D) network device
Correct Answer:

Verified