CompTIACompTIA
SY0-701 · Question #574
SY0-701 Question #574: Real Exam Question with Answer & Explanation
Sign in or unlock SY0-701 to reveal the answer and full explanation for question #574. The question stem and answer options stay visible for context.
Submitted by the_admin· Mar 6, 2026Security operations
Question
A company suffered a critical incident where 30GB of data was exfiltrated from the corporate network. Which of the following actions is the most efficient way to identify where the system data was exfiltrated from and what location the attacker sent the data to?
Options
- AAnalyze firewall and network logs for large amounts of outbound traffic to external IP addresses
- BAnalyze IPS and IDS logs to find the IP addresses used by the attacker for reconnaissance
- CAnalyze endpoint and application logs to see whether file-sharing programs were running on the
- DAnalyze external vulnerability scans and automated reports to identify the systems the attacker
Unlock SY0-701 to see the answer
You've previewed enough free SY0-701 questions. Unlock SY0-701 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Incident Response#Log Analysis#Data Exfiltration#Network Forensics