The EC Council Certified Incident Handler (ECIH) at an organization suspects an employee to be an insider threat due to unusual network activities The handler is currently using the ActivTrak Employee Monitoring Solution for insider threat detection Which of the following actions is the most appropriate first step for the incident handler to perform in this scenario A Contact law enforcement agencies and legal authorities for a thorough investigation B Analyzing the screenshots captured by ActivTrak and the resources involved in the suspected activities C Blocking all access for the suspected employee, including email, application accounts, physical access cards, and network credentials D Immediately report the suspicious activity to senior management to seek further advice

Question

The EC Council Certified Incident Handler (ECIH) at an organization suspects an employee to be an insider threat due to unusual network activities  The handler is currently using the ActivTrak Employee Monitoring Solution for insider threat detection  Which of the following actions is the most appropriate first step for the incident handler to perform in this scenario  A  Contact law enforcement agencies and legal authorities for a thorough investigation  B  Analyzing the screenshots captured by ActivTrak and the resources involved in the suspected activities  C  Blocking all access for the suspected employee, including email, application accounts, physical access cards, and network credentials  D  Immediately report the suspicious activity to senior management to seek further advice

SolutionInn · Accepted Answer

The Answer is in the image, click to view ...

Question: The EC-Council Certified Incident Handler (ECIH) at an organization suspects an employee to be an insider threat due to unusual network activities. The handler is

Step by Step Solution