Multiple Choice
After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?
A) The vulnerability scan output
B) The IDS logs
C) The full packet capture data
D) The SIEM alerts
Correct Answer:

Verified