An Incident Responder has noticed that for the last month, the same endpoints have been involved with malicious traffic every few days. The network team also identified a large amount of bandwidth being used over P2P protocol.
Which two steps should the Incident Responder take to restrict the endpoints while maintaining normal use of the systems? (Choose two.)
A. Report the users to their manager for unauthorized usage of company resources
B. Blacklist the domains and IP associated with the malicious traffic
C. Isolate the endpoints
D. Blacklist the endpoints
E. Find and blacklist the P2P client application
|
Download Printable PDF. VALID exam to help you PASS. |
 |