Multiple Choice
A security analyst is investigating malicious traffic from an internal system that attempted to download proxy avoidance as identified from the firewall logs, but the destination IP is blocked and not captured. Which of the following should the analyst do?
A) Shut down the computer
B) Capture live data using Wireshark
C) Take a snapshot
D) Determine if DNS logging is enabled
E) Review the network logs
Correct Answer:

Verified