During routine monitoring, a security analyst discovers unexpected outbound traffic to an unknown network location. Which of the following artifacts would best serve as an Indicator of Compromise (IoC) for further investigation?
Outbound connections to unknown network locations are often regarded as Indicators of Compromise (IoCs) because they can signify a potential breach or malicious activity. Analysts may investigate further by analyzing the associated network traffic, linked processes, and source systems.