Which of those hosts should you try to remediate first?

exams

11 months ago

During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity.

Which of those hosts should you try to remediate first?
A . Host having a Critical event found by Threat Emulation
B . Host having a Critical event found by IPS
C . Host having a Critical event found by Antivirus
D . Host having a Critical event found by Anti-Bot

Answer: D

Explanation:

The host having a Critical event found by Anti-Bot should be remediated first, as it indicates that the host is infected by a botnet malware that is communicating with a Command and Control server. This poses a serious threat to the network security and data integrity. The other events may indicate potential malware infection or attack attempts, but not necessarily successful ones.

Reference: Threat Prevention Administration Guide

Latest 156-315.81 Dumps Valid Version with 465 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 156-315.81 PDF 156-315.81 Questions Online Training