Solved

A SIEM Tool Fires an Alert About a VPN Connection

Question 84

Multiple Choice

A SIEM tool fires an alert about a VPN connection attempt from an unusual location. The incident response team validates that an attacker has installed a remote access tool on a user's laptop while traveling. The attacker has the user's credentials and is attempting to connect to the network. What is the next step in handling the incident?


A) Block the source IP from the firewall
B) Perform an antivirus scan on the laptop
C) Identify systems or services at risk
D) Identify lateral movement

Correct Answer:

verifed

Verified

Unlock this answer now
Get Access to more Verified Answers free of charge

Related Questions

Q79: An engineer detects an intrusion event inside

Q80: What is the difference between process orchestration

Q81: Refer to the</p></div><svg width=

Q82: Refer to the exhibit. A security analyst

Q83: A European-based advertisement company collects tracking information

Q85: An engineer is going through vulnerability triage

Q86: After a recent malware incident, the forensic

Q87: The incident response team receives information about

Q88: Refer to the</p></div><svg width=

Q89: A SOC team is informed that a

Unlock this Answer For Free Now!

View this answer and more for free by performing one of the following actions

qr-code

Scan the QR code to install the App and get 2 free unlocks

upload documents

Unlock quizzes for free by uploading documents