A security analyst received an alert from the SIEM indicating numerous login attempts from users outside their usual geographic zones, all of which were initiated through the web-based mail server. The logs indicate all domain accounts experienced two login attempts during the same time frame. Which of the following is the MOST likely cause of this issue?
A) A password-spraying attack was performed against the organization.
B) A DDoS attack was performed against the organization.
C) This was normal shift work activity; the SIEM's AI is learning.
D) A credentialed external vulnerability scan was performed.
Correct Answer:
Verified
Q82: A user's computer has been running slowly
Q83: An analyst is working with a network
Q84: An analyst is performing penetration testing and
Q85: A security analyst has received reports of
Q86: A cybersecurity analyst is contributing to a
Q88: Data spillage occurred when an employee accidentally
Q89: A company was recently awarded several large
Q90: A security analyst for a large financial
Q91: Which of the following types of policies
Q92: A security analyst has observed several incidents
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents