Netskope Certified Cloud Security Professional (NCCSP) — Question 4
You are given an MD5 hash of a file suspected to be malware by your security incident response team. They ask you to offer insight into who has encountered this file and from where was the threat initiated.
In which two Scope IT events tables would you search to find the answers to these questions? (Choose two.)
Answer options
- A. Application Events
- B. Network Events
- C. Alerts
- D. Page Events
Correct answer: B, C
Explanation
The correct answers are B and C because Network Events can provide data on the source and destination of the file's transmission, while Alerts can indicate any security warnings triggered by interactions with the file. Options A and D are not relevant as they do not focus on network interactions or security alerts related to the file.