Which of the following should be the NEXT step in this incident response?
The SOC has received reports of slowness across all workstation network segments. The currently installed antivirus has not detected anything, but a different anti-malware product was just downloaded
and has revealed a worm is spreading
Which of the following should be the NEXT step in this incident response?
A . Enable an ACL on all VLANs to contain each segment
B . Compile a list of loCs so the IPS can be updated to halt the spread.
C . Send a sample of the malware to the antivirus vendor and request urgent signature creation.
D . Begin deploying the new anti-malware on all uninfected systems.
Answer: D
Latest CS0-002 Dumps Valid Version with 220 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
Subscribe
Login
0 Comments
Inline Feedbacks
View all comments