Ask Question
15 September, 21:22

A computer emergency response team is called at midnight to investigate a case in which a mail server was restarted. After an initial investigation, it was discovered that email is being exfiltrated through an active connection. Which of the following is the NEXT step the team should take? A. Perform eradication of the active connection and recoverB. Identify the source of the active connectionC. Format the server and restore its initial configurationD. Perform a containment procedure by disconnecting the serverD. Perform a containment procedure by disconnecting the server

+5
Answers (1)
  1. 16 September, 00:48
    0
    Answer: B. Identify the source of the active connection

    Any problem can be fixed only finding of the source of it. We can fix a problem in 'n' number of ways but it might again come back if source of it is not identified.

    Explanation:

    Identify the source of the active connection is the NEXT step the team should take. It is very similar to our human body.

    If the infection is coming in the body again and again and gets fixed in the treatment, the reason for come - back will be identified so that it does not lead to unnecessary treatment.

    In a similar way, if source are identified then the problem of come-back can be avoided. So option B would be the right choice.
Know the Answer?
Not Sure About the Answer?
Get an answer to your question ✅ “A computer emergency response team is called at midnight to investigate a case in which a mail server was restarted. After an initial ...” in 📙 Computers & Technology if there is no answer or all answers are wrong, use a search bar and try to find the answer among similar questions.
Search for Other Answers