Which of the following environments does the analyst need to examine to continue troubleshooting the event?
A security analyst reviews SIEM logs and discovers the following error event:
Which of the following environments does the analyst need to examine to continue troubleshooting the event?
A . Proxy server
B . SQL server
C . Windows domain controller
D . WAF appliance
E . DNS server
Answer: C
Explanation:
A Windows domain controller is a server that manages authentication and authorization for users and computers in a Windows domain. A Windows domain controller uses Active Directory Domain Services (AD DS) to store information about users, groups, computers, policies, and other objects in a domain. A Windows domain controller can generate event logs that record various activities and events related to security, system, application, etc. The event log shown in the question indicates that it was generated by a Windows domain controller with an IP address of 10.0.0.1 and a hostname of DC01.
Reference: What Is a Domain Controller? | Microsoft Docs
Latest CS0-002 Dumps Valid Version with 220 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund