Multiple Choice
A company's incident response team is handling a threat that was identified on the network. Security analysts have determined a web server is making multiple connections from TCP port 445 outbound to servers inside its subnet as well as at remote sites. Which of the following is the MOST appropriate next step in the incident response plan?
A) Quarantine the web server
B) Deploy virtual firewalls
C) Capture a forensic image of the memory and disk
D) Enable web server containerization
Correct Answer:
Verified
Correct Answer:
Verified
Q6: A security analyst implemented a solution that
Q7: An information security analyst is reviewing backup
Q8: A user receives a potentially malicious email
Q9: A development team uses open-source software and
Q10: A security analyst is building a malware
Q12: Which of the following is the MOST
Q13: A company wants to establish a threat-hunting
Q14: An organization used a third party to
Q15: A security analyst is reviewing the following
Q16: During routine monitoring, a security analyst discovers