A security analyst is investigating malicious traffic from an internal system that attempted to download proxy avoidance as identified from the firewall logs, but the destination IP is blocked and not captured. Which of the following should the analyst do?
A) Shut down the computer
B) Capture live data using Wireshark
C) Take a snapshot
D) Determine if DNS logging is enabled
E) Review the network logs
Correct Answer:
Verified
Q124: A security analyst is attempting to utilize
Q125: An executive assistant wants to onboard a
Q126: Which of the following sources would a
Q127: An organization used a third party to
Q128: A custom script currently monitors real-time logs
Q130: A security analyst is scanning the network
Q131: A security analyst is reviewing the following
Q132: An analyst is reviewing the following code
Q133: An information security analyst on a threat-hunting
Q134: Which of the following should a database
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents