CS0-003 Incident Response and Management • Set 3
CS0-003 Incident Response and Management Practice Test 3 — 15 questions with explanations.
During the detection and analysis phase of incident response, a security analyst identifies suspicious outbound traffic from a workstation to an external IP address known for command and control (C2) activity. Which classification should the analyst assign to this incident?