An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection.
Which two pieces of information from the analysis report are needed to investigate the callouts?
(Choose two.)
A. signatures
B. host IP addresses
C. file size
D. dropped files
E. domain names
