Which two methods might be used by an analyst to detect SSL/TLS encrypted command-and-control communication? (Choose two.)
A. perform decryption and inspection of SSL/TLS traffic
B. perform firewall HTTP application inspection to detect for the command and control traffic
C. perform IPS HTTP deep packets inspection to detect for the command and control traffic
D. perform analysis of the NetFlow data to detect anomalous TLS/SSL flows
