A SOC Tier 2 analyst is investigating an alert that was escalated by Tier 1. The analyst needs to perform deeper correlation and malware analysis. Which of the following actions is most appropriate for Tier 2?
Tier 2 handles deeper analysis and correlation.
Why this answer
Tier 2 analysts perform deeper investigation, correlation, and malware analysis.