Multiple Choice
An analyst is investigating an anomalous event reported by the SOC. After reviewing the system logs, the analyst identifies an unexpected addition of a user with root-level privileges on the endpoint. Which of the following data sources will BEST help the analyst to determine whether this event constitutes an incident?
A) Patching logs
B) Threat feed
C) Backup logs
D) Change requests
E) Data classification matrix
Correct Answer:

Verified