A technician has identified malicious traffic originating from a user's computer. Which of the following is the best way to identify the source of the attack?
Isolating the machine from the network is the best way to identify the source of the attack, because it prevents the malicious traffic from spreading to other devices or reaching the attacker. Isolating the machine can also help preserve the evidence of the attack, such as the malware files, the network connections, the registry entries, or the system logs. By isolating the machine, a technician can safely analyze the machine and determine the source of the attack, such as a phishing email, a compromised website, a removable media, or a network vulnerability.
Leanna
13 days agoAlmeta
14 days agoLavelle
15 days agoJina
16 days agoCarmen
Wayne
23 hours ago