Which of the following should be the NEXT step in this incident response?

The SOC has received reports of slowness across all workstation network segments. The currently installed antivirus has not detected anything, but a different anti-malware product was just downloaded

and has revealed a worm is spreading

Which of the following should be the NEXT step in this incident response?
A . Enable an ACL on all VLANs to contain each segment
B . Compile a list of loCs so the IPS can be updated to halt the spread.
C . Send a sample of the malware to the antivirus vendor and request urgent signature creation.
D . Begin deploying the new anti-malware on all uninfected systems.

Answer: D

Latest CS0-002 Dumps Valid Version with 220 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments