You receive an email from a third-party vendor that one of their services is compromised, the vendor names a specific IP address that the compromised service was using. Where would you input this indicator to find any activity related to this IP address?
To find any activity related to a specific IP address, you would input the indicator in the IP Addresses section. This is because IP addresses are the primary data points that need to be monitored when tracking network activity, identifying connections, and analyzing potential security incidents.
correct answer is A
correct answer is A
Support A