You have discovered suspicious activity in your network. What is the BEST immediate action to take?
You have discovered suspicious activity in your network. What is the BEST immediate action to take?
C is correct
The best immediate action to take is C. Create a Suspicious Activity Monitoring (SAM) rule to block that traffic. Creating a SAM rule allows you to quickly block the suspicious activity without needing to install a new policy, which can be time-consuming. SAM rules are designed for immediate response to suspicious activities and can be enforced quickly to mitigate potential threats.