Which of the following data sources will BEST help the analyst to determine whether this event constitutes an incident?

CS0-002 V1

Last Post by Giovanni 1 year ago

1 Posts

1 Users

0 Likes

138 Views

RSS

Giovanni

(@ferronigiovanni)

Noble Member

Joined: 2 years ago

Posts: 731

Topic starter 05/11/2022 1:28 am

An analyst is investigating an anomalous event reported by the SOC. After reviewing the system logs the analyst identifies an unexpected addition of a user with root-level privileges on the endpoint.

Which of the following data sources will BEST help the analyst to determine whether this event constitutes an incident?

A . Patching logs
B . Threat feed
C . Backup logs
D . Change requests
E . Data classification matrix

Show Answer Hide Answer

Suggested Answer: D

Quote

Topic Tags

CompTIA CySA+

Latest CS0-002 V1 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PDF

Forum Jump:

Previous Topic

Next Topic