What is the next step that should be taken?

After a file disposition changes from unknown to malicious, what is the next step that should be taken?

Question:

What is the next step that should be taken?

Options:

Run the file in a sandbox to verify if it is malicious and to determine the file behaviors.

Create a new IPS signature to detect the malicious file.

Go back to the system where the file was previously seen and quarantine the malicious file.

Run a file retrospective analysis in the cloud using machine learning to determine the file SHA.

Correct Answer

The Correct Answer for this Question is

Go back to the system where the file was previously seen and quarantine the malicious file.

Leave a Comment