You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address was blacklisted just before the alert. You are staring an investigation to roughly analyze the severity of the situation.
Which of the following is appropriate to analyze?
A . Event logs on the PC
B . Internet Firewall/Proxy log
C . IDS log
D . Event logs on domain controller
Answer: B
Latest CPEH-001 Dumps Valid Version with 736 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund