How should the responder look for the source of the infection using ATP?

Malware is currently spreading through an organization’s network. An Incident Responder sees some detections in SEP, but there is NOT an apparent relationship between them.
How should the responder look for the source of the infection using ATP?
A. Check for the file hash for each detection
B. Isolate a system and collect a sample
C. Submit the hash to VirusTotal
D. Check if the threats are downloaded from the same domain or IP by looking at incidents
