PdfPrep.com

Which of the following is the best NEXT step for the analyst to take?

An incident response analyst at a large corporation is reviewing proxy log data. The analyst believes a malware infection may have occurred. Upon further review, the analyst determines the computer responsible for the suspicious network traffic is used by the Chief Executive Officer (CEO).

Which of the following is the best NEXT step for the analyst to take?
A . Call the CEO directly to ensure awareness of the event
B . Run a malware scan on the CEO’s workstation
C . Reimage the CEO’s workstation
D . Disconnect the CEO’s workstation from the network.

Answer: D

Exit mobile version