During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity.
Which of those hosts should you try to remediate first?
A . Host having a Critical event found by Threat Emulation
B . Host having a Critical event found by IPS
C . Host having a Critical event found by Antivirus
D . Host having a Critical event found by Anti-Bot
Answer: D
Explanation:
The host having a Critical event found by Anti-Bot should be remediated first, as it indicates that the host is infected by a botnet malware that is communicating with a Command and Control server. This poses a serious threat to the network security and data integrity. The other events may indicate potential malware infection or attack attempts, but not necessarily successful ones.
Reference: Threat Prevention Administration Guide
Latest 156-315.81.20 Dumps Valid Version with 563 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund