Multiple Choice
A SOC team is informed that a UK-based user will be traveling between three countries over the next 60 days. Having the names of the 3 destination countries and the user's working hours, what must the analyst do next to detect an abnormal behavior?
A) Create a rule triggered by 3 failed VPN connection attempts in an 8-hour period
B) Create a rule triggered by 1 successful VPN connection from any nondestination country
C) Create a rule triggered by multiple successful VPN connections from the destination countries
D) Analyze the logs from all countries related to this user during the traveling period
Correct Answer:
Verified
Correct Answer:
Verified
Q51: A company launched an e-commerce website with
Q52: An engineer has created a bash script
Q53: Engineers are working to document, list, and
Q54: A company's web server availability was breached
Q55: Refer to the exhibit. A threat actor
Q57: An engineer implemented a SOAR workflow to
Q58: What is the impact of hardening machine
Q59: What is the difference between process orchestration
Q60: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1178/.jpg" alt=" Refer to the
Q61: An engineer receives a report that indicates