An organization’s email filter is an ineffective control, and as a result, employees have been constantly receiving phishing emails. As part of a security incident investigation, a security analyst identifies the following:
1. An employee was working remotely when the security alert was triggered.
2. An employee visited a number of uncategorized Internet sites.
3. A .doc file was downloaded.
4. A number of files were uploaded to an unknown collaboration site.
Which of the following would provide the security analyst with more data to identify the root cause of the issue and protect the organization’s information during future incidents?
A. EDR and DLP
B. DAM and MFA
C. HIPS and application whitelisting
D. FIM and antivirus
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
