Multiple Choice
An employee who often travels abroad logs in from a first-seen country during non-working hours. The SIEM tool generates an alert that the user is forwarding an increased amount of emails to an external mail domain and then logs out. The investigation concludes that the external domain belongs to a competitor. Which two behaviors triggered UEBA? (Choose two.)
A) domain belongs to a competitor
B) log in during non-working hours
C) email forwarding to an external domain
D) log in from a first-seen country
E) increased number of sent mails
Correct Answer:
Verified
Correct Answer:
Verified
Q1: An organization had a breach due to
Q2: A SOC analyst is investigating a recent
Q3: Refer to the exhibit. Which indicator of
Q4: An organization is using a PKI management
Q6: Refer to the exhibit. Which command was
Q7: What is idempotence?<br>A) the assurance of system
Q8: An engineer received multiple reports from users
Q9: A logistic company must use an outdated
Q10: What is a limitation of cyber security
Q11: An engineer received an alert of a