CS0-003 Incident Response and Management • Set 1
CS0-003 Incident Response and Management Practice Test 1 — 15 questions with explanations.
During the detection and analysis phase of the NIST SP 800-61 incident response lifecycle, an analyst identifies suspicious network traffic from an internal host to a known malicious IP address. Which step should the analyst perform next to validate the alert?