CS0-003 Incident Response and Management • 25 Questions
25 CS0-003 Incident Response and Management practice questions with answers and explanations.
During the detection and analysis phase of the NIST SP 800-61 incident response lifecycle, an analyst identifies suspicious network traffic from an internal host to a known malicious IP address. Which step should the analyst perform next to validate the alert?