CompTIA CySA+CS0-002 – Question173

A security analyst is concerned the number of security incidents being reported has suddenly gone down. Daily business interactions have not changed, and no additional security controls have been implemented. Which of the following should the analyst review FIRST?

A.
The DNS configuration
B. Privileged accounts
C. The IDS rule set
D. The firewall ACL

Correct Answer: C