A user received an email attachment named "Hr405-report2609-empl094.exe" but did not run it. Which category of the cyber kill chain should be assigned to this type of event?
Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?
Which step in the incident response process researches an attacking host through logs in a SIEM?
Which technology should be used to implement a solution that makes routing decisions based on HTTP header, uniform resource identifier, and SSL session ID attributes?
Which data type is necessary to get information about source/destination ports?
