During a review of SIEM alerts, a security analyst discovers the SIEM is receiving many alerts per day from the file-integrity monitoring tool about files from a newly deployed application that should not change. Which of the following steps should the analyst complete FIRST to respond to the issue?
A. Warn the incident response team that the server can be compromised.
B. Open a ticket informing the development team about the alerts.
C. Check if temporary files are being monitored.
D. Dismiss the alert, as the new application is still being adapted to the environment.
A. Warn the incident response team that the server can be compromised.
B. Open a ticket informing the development team about the alerts.
C. Check if temporary files are being monitored.
D. Dismiss the alert, as the new application is still being adapted to the environment.