PdfPrep.com

Which of the following should the analyst perform FIRST?

A security analyst is reviewing the logs from an NGFW's automated correlation engine and sees the following:

Which of the following should the analyst perform FIRST?
A. Isolate the compromised host from the network.
B. Clear the logs and see if the same events reoccur.
C. Set up an alert to receive an email notification for all events.
D. Refresh the URL filtering database to ensure accuracy.
E. Set up a packet capture to analyze the unknown TCP and UDP traffic.

Answer: A
