SY0-701 • Practice Test 45
Free SY0-701 practice test — 15 questions with explanations. Set 45.
A security analyst in a SOC receives an alert indicating that a large volume of data was transferred from a user's workstation to an external IP address at 2:00 AM. The analyst suspects a data exfiltration attack. According to incident response best practices, what should the analyst do FIRST?