Which of the following should the analyst use to identify the content of the traffic?

An analyst has noticed unusual activities in the SIEM to a .cn domain name. Which of the following should the analyst use to identify the content of the traffic?
A. Log review
B. Service discovery
C. Packet capture
D. DNS harvesting

CS0-002: CompTIA CySA+ Exam

FULL Printable PDF and Software. VALID exam to help you PASS.

comptia-exams

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.