After a recent malware incident, the forensic investigator is gathering details to identify the breach and causes. The investigator has isolated the affected workstation .
What is the next step that should be taken in this investigation?
A . Analyze the applications and services running on the affected workstation.
B . Compare workstation configuration and asset configuration policy to identify gaps.
C . Inspect registry entries for recently executed files.
D . Review audit logs for privilege escalation events.
Answer: C
Latest 350-201 Dumps Valid Version with 139 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund