CompTIA CySA+ CS0-003 Practice Question
During routine monitoring, a security analyst discovers unexpected outbound traffic to an unknown network location. Which of the following artifacts would best serve as an Indicator of Compromise (IoC) for further investigation?
Outbound connections to unknown network locations
Regularly updated antivirus definitions
Authentication logs showing successful logins
Scheduled maintenance reported by IT