10
answers
1
watching
204
views
myrrcenaryLv1
24 May 2023
A host on a company's network has been infected by a worm that appears to be spreading via SMB. A security analyst has been tasked with containing the incident while also maintaining evidence for a subsequent investigation and malware analysis.
Which of the following steps would be best to perform FIRST?
- Turn off the infected host immediately.
- Run a full anti-malware scan on the infected host.
- Modify the smb.conf file of the host to prevent outgoing SMB connections.
- Isolate the infected host from the network by removing all network connections.
A host on a company's network has been infected by a worm that appears to be spreading via SMB. A security analyst has been tasked with containing the incident while also maintaining evidence for a subsequent investigation and malware analysis.
Which of the following steps would be best to perform FIRST?
- Turn off the infected host immediately.
- Run a full anti-malware scan on the infected host.
- Modify the smb.conf file of the host to prevent outgoing SMB connections.
- Isolate the infected host from the network by removing all network connections.
Liked by myrrcenary and 2 others
Liked by myrrcenary and 2 others
24 May 2023
Already have an account? Log in
Liked by myrrcenary and 1 others
24 May 2023
Already have an account? Log in
Liked by myrrcenary and 2 others
24 May 2023
Already have an account? Log in
Read by 1 person
qamarmalik3098Lv10
24 May 2023
Already have an account? Log in
Read by 1 person
24 May 2023
Already have an account? Log in
Read by 1 person
Read by 1 person
24 May 2023
Already have an account? Log in
Read by 1 person
Read by 1 person
24 May 2023
Already have an account? Log in