A company's incident response team is handling a threat that was identified on the network. Security analysts have determined a web server is making multiple connections from TCP port 445 outbound to servers inside its subnet as well as at remote sites. Which of the following is the MOST appropriate next step in the incident response plan?
A) Quarantine the web server
B) Deploy virtual firewalls
C) Capture a forensic image of the memory and disk
D) Enable web server containerization
Correct Answer:
Verified
Q96: During an investigation, a security analyst identified
Q97: A security team wants to make SaaS
Q98: A team of security analysts has been
Q99: It is important to parameterize queries to
Q100: A security analyst is reviewing the logs
Q102: Which of the following policies would state
Q103: An incident response team is responding to
Q104: A cybersecurity analyst is reading a daily
Q105: Which of the following software assessment methods
Q106: An analyst wants to identify hosts that
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents