During incident investigations, what does the AMP for endpoints device trajectory feature show?
A. hosts that have seen the malicious file
B. the signature that triggered the malicious file alert
C. actions that have been performed on the victim’s host
D. how the malware file was packed (compressed or encrypted)