A Security Analyst found multiple connection attempts from suspicious remote IP addresses to a local host on the DMZ over port 80. After checking related events, no successful exploits were detected. Upon checking international documentation, this activity was part of an expected penetration test which requires no immediate investigation. How can the Security Analyst ensure results of the penetration test are retained?
Which list is only Rule Actions?
What are the two available formats for exporting event and flow data for external analysis? (Choose two.)
Which information can be found under the Network Activity tab?
Which types of tests are recommended to be placed first in a rule to increase efficiency?
Where can a user add a note to an offense in the user interface?