CompTIA CySA+ CS0-003 Practice Question
While monitoring network traffic, you notice an unfamiliar MAC address communicating with several internal systems. Upon investigation, you determine the device is not authorized and is not following standard security protocols. What should your next step be?
Gather information about the device
Monitor the device for more activity
Isolate the device from the network
Notify the network team for further instructions