CompTIA CySA+ CS0-003 Practice Question
An analyst is tasked with investigating suspicious repeated retrieval requests from a client's device to a non-whitelisted external destination. The analyst opts to use a prominent network traffic analysis tool to capture and scrutinize the content of these transactions. What is the most effective way for the analyst to use this tool to concentrate their investigation on the exchanges associated with this unusual behavior?
Configure the tool to record all inbound data, presuming the origin of the transmissions will be unveiled.
Instruct the tool to log all transaction attempts on the network to manually sift through for the entities of interest.
Apply a filter for the internal machine's address to assess all its outbound digital interactions.
Implement a filter for the external destination’s network address within the tool to analyze the related data exchanges.