CompTIA Security+ Question B-11

Which of the following helps to establish an accurate timeline for a network intrusion?

A. Hashing images of compromised systems
B. Reviewing the date of the antivirus definition files
C. Analyzing network traffic and device logs
D. Enforcing DLP controls at the perimeter

Answer: C

Explanation:
Network activity as well as intrusion can be viewed on device logs and by analyzing the network traffic that passed through your network. Thus to establish an accurate timeline for a network intrusion you can look at and analyze the device logs and network traffic to yield the appropriate information.