Solved

A Security Analyst Receives a SIEM Alert That Someone Logged

Question 77

Multiple Choice

A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log: A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log: Which of the following can the security analyst conclude? A) A replay attack is being conducted against the application. B) An injection attack is being conducted against a user authentication system. C) A service account password may have been changed, resulting in continuous failed logins within the application. D) A credentialed vulnerability scanner attack is testing several CVEs against the application. Which of the following can the security analyst conclude?


A) A replay attack is being conducted against the application.
B) An injection attack is being conducted against a user authentication system.
C) A service account password may have been changed, resulting in continuous failed logins within the application.
D) A credentialed vulnerability scanner attack is testing several CVEs against the application.

Correct Answer:

verifed

Verified

Unlock this answer now
Get Access to more Verified Answers free of charge

Related Questions

Q72: A smart switch has the ability to

Q73: A company provides mobile devices to its

Q74: A document that appears to be malicious

Q75: A retail executive recently accepted a job

Q76: Users at an organization have been installing

Q78: A security analyst is investigating an incident

Q79: An organization has implemented a policy requiring

Q80: A company is designing the layout of

Q81: A company has limited storage space available

Q82: A network administrator needs to build out