SCS-C02 Threat Detection and Incident Response • Set 3
SCS-C02 Threat Detection and Incident Response Practice Test 3 — 15 questions with explanations. Free, no signup.
During incident response, a security engineer needs to capture network traffic from an EC2 instance for forensic analysis. The instance is part of an Auto Scaling group. Which action preserves the most evidence while minimizing disruption?