Notifications
Clear all
Topic starter
03/10/2022 7:18 pm
A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks.
The security analyst then reviews the following application log:
Which of the following can the security analyst conclude?
- A . A replay attack is being conducted against the application.
- B . An injection attack is being conducted against a user authentication system.
- C . A service account password may have been changed, resulting in continuous failed logins within the application.
- D . A credentialed vulnerability scanner attack is testing several CVEs against the application.
Suggested Answer: C