During network monitoring, an analyst observes periodic, predictable network traffic from a specific internal device to an external server. Which action should the analyst prioritize to identify if this is an indicator of beaconing?
Analyze the packet contents to check for signs of malicious communication.
Ignore the traffic since it is periodic and predictable.
Check if the traffic is using non-standard ports.
Validate the reputation of the external server.