You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address was blacklisted just before the alert. You are starting an investigation to roughly analyze the severity of the situation. Which of the following is appropriate to analyze? A. IDS log B. Event logs on domain controller C. Internet Firewall/Proxy log. D. Event logs on the PC Â Suggested Answer: C Community Answer: C This question is in 312-50V11 EC-Council Certified Ethical Hacker v11 Exam For getting EC-Council Certified Ethical Hacker (CEH) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by EC-Council. Trademarks, certification & product names are used for reference only and belong to EC-Council. The website does not contain actual questions and answers from EC-Council's Certification Exams.
Please login or Register to submit your answer
