SSCP Incident Response and Recovery • Set 1
SSCP Incident Response and Recovery Practice Test 1 — 15 questions with explanations. Free, no signup.
A security analyst detects unusual outbound traffic from a server that normally communicates only with internal systems. The firewall logs show connections to an external IP address on port 443/tcp. Which incident response step should the analyst perform FIRST?