Which Indicator of Compromise might be detected as variations in the behavior of privileged users that indicate that their account is being used by someone else to gain a foothold in an environment?
Which Indicator of Compromise might be detected as variations in the behavior of privileged users that indicate that their account is being used by someone else to gain a foothold in an environment?
A . Mismatched Port – Application Traffic
B . Irregularities in Privileged User Account Activity
C . Surges in Database Read Volume
D . Geographical Irregularities
Answer: B
Explanation:
An Indicator of Compromise (IOC), such as irregularities in privileged user account activity, can signal that a privileged account may be compromised and used maliciously. This can involve deviations from typical login times, unusual commands or requests, or access to resources not typically utilized by the user. Monitoring such anomalies can help detect when an attacker has gained access to a privileged account and is attempting to establish control within the environment.
Latest 250-580 Dumps Valid Version with 150 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund