A security engineer discovers a PC may have been breached and accessed by an outside agent. The engineer wants to find out how this breach occurred before remediating the damage. Which of the following should the security engineer do FIRST to begin this investigation?
A) Create an image of the hard drive
B) Capture the incoming and outgoing network traffic
C) Dump the contents of the RAM
D) Parse the PC logs for information on the attacker
Correct Answer:
Verified
Q378: A technician is reviewing the following log:
Q379: A smart switch has the ability to
Q380: A company has made it a spending
Q381: Several days after deploying an MDM for
Q382: A secure facility has a server room
Q384: A security analyst receives an email from
Q385: A security administrator receives reports that several
Q386: A Chief Information Security Officer (CISO) has
Q387: A SaaS provider decides to offer data
Q388: The Chief Financial Officer (CFO) of an
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents