A technician has identified malicious traffic originating from a user's computer. Which of the following is the best way to identify the source of the attack?
Isolating the machine from the network is the best way to identify the source of the attack, because it prevents the malicious traffic from spreading to other devices or reaching the attacker. Isolating the machine can also help preserve the evidence of the attack, such as the malware files, the network connections, the registry entries, or the system logs. By isolating the machine, a technician can safely analyze the machine and determine the source of the attack, such as a phishing email, a compromised website, a removable media, or a network vulnerability.
Leanna
8 months agoAlmeta
8 months agoLavelle
8 months agoJina
8 months agoHoa
7 months agoGail
7 months agoChristene
8 months agoAsha
8 months agoDenny
8 months agoCarmen
8 months agoWayne
8 months ago