After a file disposition changes from unknown to malicious, what is the next step that should be taken?

After a file disposition changes from unknown to malicious, what is the next step that should be taken?

A. Run the file in a sandbox to verify if it is malicious and to determine the file behaviors.

B. Create a new IPS signature to detect the malicious file.

C. Go back to the system where the file was previously seen and quarantine the malicious file.

D. Run a file retrospective analysis in the cloud using machine learning to determine the file SHA.

View Answer

Answer: C