Posted by: Pdfprep
Post Date: April 14, 2021
A security analyst is reviewing the logs from an NGFW's automated correlation engine and sees the following:
Which of the following should the analyst perform FIRST?
A. Isolate the compromised host from the network.
B. Clear the logs and see if the same events reoccur.
C. Set up an alert to receive an email notification for all events.
D. Refresh the URL filtering database to ensure accuracy.
E. Set up a packet capture to analyze the unknown TCP and UDP traffic.
Answer: A