Q: 20
A cybersecurity analyst is examining a complex dataset of threat intelligence information from
various sources. Among the data, they notice multiple instances of domain name resolution requests
to suspicious domains known for hosting C2 servers. Simultaneously, the intrusion detection system
logs indicate a series of network anomalies, including unusual port scans and attempts to exploit
known vulnerabilities. The internal logs also reveal a sudden increase in outbound network traffic
from a specific internal host to an external IP address located in a high-risk region. Which action
should be prioritized by the organization?
Options