A threat actor used a phishing email to deliver a file with an embedded macro. The file was opened, and a remote code execution attack occurred in a company's infrastructure. Which steps should an engineer take at the recovery stage?
A. Determine the systems involved and deploy available patches
B. Analyze event logs and restrict network access
C. Review access lists and require users to increase password complexity
D. Identify the attack vector and update the IDS signature list
A threat actor used a phishing email to deliver a file with an embedded macro. The file was opened, and a remote code ex
-
answerhappygod
- Site Admin
- Posts: 899604
- Joined: Mon Aug 02, 2021 8:13 am
A threat actor used a phishing email to deliver a file with an embedded macro. The file was opened, and a remote code ex
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!