An analyst receives an alert indicating a suspicious process (PID 3342) is making outbound connections on port 443 to an unknown IP. The system is a Windows 10 workstation. Which first responder action is MOST appropriate?
Select one:
EC-Council often tests the principle that volatile data (memory) must be captured before any contain...