An Incident Responder has noticed that for the last month, the same endpoints have been involved with malicious traffic every few days. The network team also identified a large amount of bandwidth being used over P2P protocol. Which two steps should the Incident Responder take to restrict the endpoints while maintaining normal use of the systems? (Choose two.)
A) Report the users to their manager for unauthorized usage of company resources
B) Blacklist the domains and IP associated with the malicious traffic
C) Isolate the endpoints
D) Blacklist the endpoints
E) Find and blacklist the P2P client application
Correct Answer:
Verified
Q121: Which policies are required for the quarantine
Q122: When does Real Time Link Following scan
Q123: An organization has five (5) shops with
Q124: Which two actions an Incident Responder take
Q125: Which access credentials does an ATP Administrator
Q127: An organization recently deployed ATP and integrated
Q128: Which detection method identifies a file as
Q129: An ATP Administrator set up ATP: Network
Q130: What is the purpose of Email Impersonation
Q131: An ATP Administrator set up ATP: Network
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents