CS0-003 Incident Response and Management • 10 Questions
10 CS0-003 Incident Response and Management practice questions with answers and explanations.
During the detection and analysis phase of the NIST SP 800-61 incident response lifecycle, an analyst identifies suspicious network traffic from an internal host to a known malicious IP address. Which step should the analyst perform next to validate the alert?