
CompTIA Exam 220-1102 Topic 5 Question 24 Discussion

Actual exam question for CompTIA's 220-1102 exam
Question #: 24
Topic #: 5

A technician has identified malicious traffic originating from a user's computer. Which of the following is the best way to identify the source of the attack?

Suggested Answer: B

Isolating the machine from the network is the best way to identify the source of the attack, because it prevents the malicious traffic from spreading to other devices or reaching the attacker. Isolation also helps preserve evidence of the attack, such as malware files, network connections, registry entries, and system logs. With the machine isolated, a technician can safely analyze it and determine the source of the attack, such as a phishing email, a compromised website, removable media, or a network vulnerability.


Contribute your Thoughts:

Leanna
13 days ago
A physical inventory? Really? That seems like a waste of time. Unless the attacker left a note on the machine or something, I don't see how that would help.
upvoted 0 times
...
Almeta
14 days ago
Ooh, the Windows Event Viewer! That's a good idea. Maybe you could find some clues in there about what's going on.
upvoted 0 times
...
Lavelle
15 days ago
I don't know, isolating the machine seems like the most direct way to stop the attack, you know? But then you wouldn't be able to investigate further.
upvoted 0 times
...
Jina
16 days ago
Hmm, this is a tricky one. I feel like the firewall logs would be the best place to start, since that's where you'd likely see the malicious traffic originating from.
upvoted 0 times
B) Isolate the machine from the network.
upvoted 0 times
...
Wayne
23 hours ago
A) Investigate the firewall logs.
upvoted 0 times
...
...
