SCS-C02 Threat Detection and Incident Response • Set 7
SCS-C02 Threat Detection and Incident Response Practice Test 7 — 15 questions with explanations. Free, no signup.
During a security incident, a security engineer needs to capture network traffic between an EC2 instance and an attacker's IP address for forensic analysis. The engineer has already identified the attacker's IP from CloudTrail logs. Which action captures the traffic without affecting the instance?