A security analyst is investigating malicious traffic from an internal system that attempted to download proxy avoidance software, as identified from the firewall logs, but the destination IP is blocked and not captured. Which of the following should the analyst do?
A. Shut down the computer.
B. Capture live data using Wireshark.
C. Take a snapshot.
D. Determine if DNS logging is enabled.
E. Review the network logs.
Answer: D. Determine if DNS logging is enabled.