You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet

adminJanuary 29, 2019

You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address was blacklisted just before the alert. Y

ou are staring an investigation to roughly analyze the severity of the situation. Which of the following is appropriate to analyze?

A. Event logs on the PC

B. Internet Firewall/Proxy log

C. IDS log

D. Event logs on domain controller

QUESTION

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ECCouncil Exam Questions

Free EC-Council Study Guide

You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet

Leave a Reply Cancel reply