Summer Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 8w52ceb345

Employees receive an email from an executive within the organization that summarizes a recent security...

Cisco 350-201 Full Course Access
Cisco 350-201 View All Questions

Employees receive an email from an executive within the organization that summarizes a recent security breach and requests that employees verify their credentials through a provided link. Several employees report the email as suspicious, and a security analyst is investigating the reports. Which two steps should the analyst take to begin this investigation? (Choose two.)

A.

Evaluate the intrusion detection system alerts to determine the threat source and attack surface.

B.

Communicate with employees to determine who opened the link and isolate the affected assets.

C.

Examine the firewall and HIPS configuration to identify the exploited vulnerabilities and apply recommended mitigation.

D.

Review the mail server and proxy logs to identify the impact of a potential breach.

E.

Check the email header to identify the sender and analyze the link in an isolated environment.

350-201 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now 350-201 pdf
Get 60% Discount on All Products, Use Coupon: "8w52ceb345"
Next
How is a SIEM tool used?
Refer to the exhibit.
Previous