Home » CompTIA » SY0-501 v.2 » Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?

Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?

01/29/2021 – by Mod_GuideK 0

During an incident, a company’s CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?
A. Physically move the PC to a separate Internet point of presence.
B. Create and apply microsegmentation rules.
C. Emulate the malware in a heavily monitored DMZ segment.
D. Apply network blacklisting rules for the adversary domain.

SHOW ANSWERS

How To Pass SY0-601 Exam?

CompTIA SY0-601 PDF dumps.

High quality SY0-601 pdf and software. VALID exam to help you pass.

How To Pass SY0-601 Exam?

CompTIA SY0-601 PDF dumps.

Leave a Reply Cancel reply