Which of the following is the MOST likely cause of this issue?
A security analyst received an alert from the SIEM indicating numerous login attempts from users outside their usual geographic zones, all of which were initiated through the web-based mail server. The logs indicate all domain accounts experienced two login attempts during the same time frame.
Which of the following is the MOST likely cause of this issue?
A . A password-spraying attack was performed against the organization.
B. A DDoS attack was performed against the organization.
C. This was normal shift work activity; the SIEM’s AI is learning.
D. A credentialed external vulnerability scan was performed.
Answer: A
Explanation:
Reference: https://doubleoctopus.com/security-wiki/threats-and-tools/password-spraying/
Latest CS0-002 Dumps Valid Version with 220 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund