SY0-701 Exam Dumps | A network security analyst monitors the network's IDS, which has flagged unusual activity. The IDS has

<< Prev Question Next Question >>

Question 321/329

A network security analyst monitors the network's IDS, which has flagged unusual activity. The IDS has detected multiple login attempts to a database server within a short period. These attempts come from various IP addresses that are not normally recognized by the network's usual traffic patterns. Each attempt uses the same username and password. Based on the following log output (corrected formatting for readability):
2025-04-10 14:22:01.4532 - Source IP: 192.168.15.101 - Status: Failed - User: JDoe - Action: Login Attempt
2025-04-10 14:22:02.1122 - Source IP: 192.168.15.102 - Status: Failed - User: JDoe - Action: Login Attempt
2025-04-10 14:22:02.7835 - Source IP: 192.168.15.103 - Status: Failed - User: JDoe - Action: Login Attempt
2025-04-10 14:22:03.5637 - Source IP: 192.168.15.104 - Status: Failed - User: JDoe - Action: Login Attempt
2025-04-10 14:22:04.9474 - Source IP: 192.168.15.105 - Status: Failed - User: JDoe - Action: Login Attempt
2025-04-10 14:22:05.5673 - Source IP: 192.168.15.106 - Status: Failed - User: JDoe - Action: Login Attempt
2025-04-10 14:22:06.1573 - Source IP: 192.168.15.107 - Status: Failed - User: JDoe - Action: Login Attempt
2025-04-10 14:22:07.7462 - Source IP: 192.168.15.108 - Status: Failed - User: JDoe - Action: Login Attempt Which of the following types of network attacks is most likely occurring?

A. Cross-site scripting

B. Credential replay

C. Distributed denial of service

D. SQL injection

Question List (329q): Question 1: A company purchased cyber insurance to address items listed ...; Question 2: The security operations center is researching an event conce...; Question 3: Which of the following should a security administrator adher...; Question 4: A security analyst wants to automate a task that shares data...; Question 5: Which of the following allows for the attribution of message...; Question 6: Which of the following activities are associated with vulner...; Question 7: Which of the following strategies most effectively protects ...; Question 8: Which of the following actions would reduce the number of fa...; Question 9: A company wants to track modifications to the code used to b...; Question 10: Employees sign an agreement that restricts specific activiti...; Question 11: An employee fell for a phishing scam, which allowed an attac...; Question 12: An external vendor recently visited a company ' s headquarte...; Question 13: A security audit of an organization revealed that most of th...; Question 14: A bank set up a new server that contains customers ' Pll. Wh...; Question 15: Which of the following considerations is the most important ...; Question 16: Which of the following examples would be best mitigated by i...; Question 17: A software developer would like to ensure. The source code c...; Question 18: A security administrator is deploying a DLP solution to prev...; Question 19: A systems administrator works for a local hospital and needs...; Question 20: Which of the following is the best way to validate the integ...; Question 21: Which of the following should an internal auditor check for ...; Question 22: A systems administrator notices that one of the systems crit...; Question 23: Which of the following threat actors is the most likely to u...; Question 24: An attacker posing as the Chief Executive Officer calls an e...; Question 25: A company implemented an MDM policy 10 mitigate risks after ...; Question 26: Which of the following is the act of proving to a customer t...; Question 27: A security team created a document that details the order in...; Question 28: Which of the following best describes the main difference be...; Question 29: An organization wants to deploy software in a container envi...; Question 30: Employees in the research and development business unit rece...; Question 31: An analyst identifies that multiple users have the same pass...; Question 32: A company ' s accounting department receives an urgent payme...; Question 33: A business uses Wi-Fi with content filleting enabled. An emp...; Question 34: Which of the following consequences would a retail chain mos...; Question 35: Which of the following vulnerabilities is associated with in...; Question 36: An administrator is creating a secure method for a contracto...; Question 37: Which of the following exercises should an organization use ...; Question 38: Which of the following is the best way to remove personal da...; Question 39: An organization wants to improve the company ' s security au...; Question 40: Which of the following provides the best protection against ...; Question 41: After a company was compromised, customers initiated a lawsu...; Question 42: A security engineer is installing an IPS to block signature-...; Question 43: Which of the following is the best way to improve the confid...; Question 44: Which of the following should be used to prevent changes to ...; Question 45: An organization is looking to optimize its environment and r...; Question 46: A company ' s antivirus solution is effective in blocking ma...; Question 47: While investigating a recent security breach an analyst find...; Question 48: Which of the following most accurately describes the order i...; Question 49: Various company stakeholders meet to discuss roles and respo...; Question 50: Which of the following data protection strategies can be use...; Question 51: A few weeks after deploying additional email servers, employ...; Question 52: A security analyst is creating base for the server team to f...; Question 53: Which of the following best explains how open service ports ...; Question 54: Which of the following would a security administrator use to...; Question 55: A site reliability engineer is designing a recovery strategy...; Question 56: Which of the following methods would most likely be used to ...; Question 57: An administrator learns that users are receiving large quant...; Question 58: A systems administrator is concerned users are accessing ema...; Question 59: Which of the following techniques would identify whether dat...; Question 60: A company identified the potential for malicious insiders to...; Question 61: An employee from the accounting department logs in to the we...; Question 62: Which of the following would be most useful in determining w...; Question 63: A systems administrator wants to use a technical solution to...; Question 64: At the start of a penetration test, the tester checks OSINT ...; Question 65: Which of the following aspects of the data management life c...; Question 66: An engineer moved to another team and is unable to access th...; Question 67: During a recent log review, an analyst discovers evidence of...; Question 68: A security analyst and the management team are reviewing the...; Question 69: Which of the following would most likely be used by attacker...; Question 70: Which of the following is required for an organization to pr...; Question 71: The Chief Information Security Officer (CISO) requires that ...; Question 72: Which of the following can automate vulnerability management...; Question 73: Which of the following are cases in which an engineer should...; Question 74: A customer has a contract with a CSP and wants to identify w...; Question 75: An administrator discovers that some files on a database ser...; Question 76: Which of the following is the best method to reduce the atta...; Question 77: Cadets speaking a foreign language are using company phone n...; Question 78: Which of the following is an example of a false negative vul...; Question 79: A systems administrator is auditing all company servers to e...; Question 80: A security analyst is reviewing alerts in the SIEM related t...; Question 81: Which of the following should be used to ensure an attacker ...; Question 82: A company wants to verify that the software the company is d...; Question 83: An administrator must replace an expired SSL certificate. Wh...; Question 84: Which of the following is a type of vulnerability that may r...; Question 85: A company with a high-availability website is looking to har...; Question 86: An organization would like to store customer data on a separ...; Question 87: Which of the following is the most common data loss path for...; Question 88: Which of the following is the best way to prevent data from ...; Question 89: An employee asks a security analyst to scan a suspicious ema...; Question 90: Which of the following best describe why a process would req...; Question 91: Which of the following organizational documents is most ofte...; Question 92: Which of the following teams combines both offensive and def...; Question 93: Which of the following tools is best for logging and monitor...; Question 94: An organization disabled unneeded services and placed a fire...; Question 95: Which of the following best practices gives administrators a...; Question 96: An administrator was notified that a user logged in remotely...; Question 97: The management team wants to assess the cybersecurity team '...; Question 98: An employee recently resigned from a company. The employee w...; Question 99: An organization has recently decided to implement SSO. The r...; Question 100: An administrator has identified and fingerprinted specific f...; Question 101: Which of the following is a benefit of vendor diversity?...; Question 102: A company makes a change during the appropriate change windo...; Question 103: A security analyst receives an alert from a web server that ...; Question 104: After creating a contract for IT contractors, the human reso...; Question 105: Which of the following describes the procedures a penetratio...; Question 106: Which of the following definitions best describes the concep...; Question 107: A company processes and stores sensitive data on its own sys...; Question 108: An administrator investigating an incident is concerned abou...; Question 109: Which of the following is a type of vulnerability that invol...; Question 110: A systems administrator is changing the password policy with...; Question 111: A company has a website in a server cluster. One server is e...; Question 112: A security team wants to work with the development team to e...; Question 113: An alert references attacks associated with a zero-day explo...; Question 114: Users at a company are reporting they are unable to access t...; Question 115: Which of the following is the best way to securely store an ...; Question 116: A penetration test identifies that an SMBvl Is enabled on mu...; Question 117: A company wants to reduce the time and expense associated wi...; Question 118: The executive management team is mandating the company devel...; Question 119: Which of the following solutions would most likely be used i...; Question 120: Which of the following is a directive managerial control?...; Question 121: A systems administrator needs to encrypt all data on employe...; Question 122: An enterprise has been experiencing attacks focused on explo...; Question 123: A business received a small grant to migrate its infrastruct...; Question 124: A systems administrator wants to prevent users from being ab...; Question 125: A systems administrator notices that the research and develo...; Question 126: A security analyst wants to better understand the behavior o...; Question 127: A malicious update was distributed to a common software plat...; Question 128: A security analyst receives an alert from a corporate endpoi...; Question 129: Which of the following is the most likely outcome if a large...; Question 130: A company is concerned with supply chain compromise of new s...; Question 131: Which of the following is an example of change management?...; Question 132: During an investigation, a security analyst discovers traffi...; Question 133: An organization has learned that its data is being exchanged...; Question 134: Visitors to a secured facility are required to check in with...; Question 135: An IT manager is putting together a documented plan describi...; Question 136: Which of the following are the most important considerations...; Question 137: A security analyst identifies an incident in the network. Wh...; Question 138: Which of the following would most likely be deployed to obta...; Question 139: Which of the following security principles most likely requi...; Question 140: Which of the following allows a systems administrator to tun...; Question 141: Various stakeholders are meeting to discuss their hypothetic...; Question 142: A security officer observes that a software development team...; Question 143: Which of the following techniques would attract the attentio...; Question 144: Which of the following is an algorithm performed to verify t...; Question 145: Which of the following activities should a systems administr...; Question 146: A certificate authority needs to post information about expi...; Question 147: In which of the following will unencrypted PLC management tr...; Question 148: Which of the following should a security analyst consider wh...; Question 149: An IT security team is concerned about the confidentiality o...; Question 150: After an audit, an administrator discovers all users have ac...; Question 151: An organization's internet-facing website was compromised wh...; Question 152: An accountant is transferring information to a bank over FTP...; Question 153: A company ' s online shopping website became unusable shortl...; Question 154: Which of the following best describes the practice of resear...; Question 155: Which of the following describes a situation where a user is...; Question 156: An analyst discovers a suspicious item in the SQL server log...; Question 157: After a series of account compromises and credential misuse,...; Question 158: A security administrator recently reset local passwords and ...; Question 159: Which of the following incident response activities ensures ...; Question 160: Which of the following is the most important element when de...; Question 161: An organization experiences a cybersecurity incident involvi...; Question 162: An organization issued new laptops to all employees and want...; Question 163: A small business initially plans to open common communicatio...; Question 164: A company is developing a business continuity strategy and n...; Question 165: In a rush to meet an end-of-year business goal, the IT depar...; Question 166: A company needs to provide administrative access to internal...; Question 167: Which of the following activities is the first stage in the ...; Question 168: A recent penetration test identified that an attacker could ...; Question 169: Which of the following is a type of vulnerability that refer...; Question 170: A company has begun labeling all laptops with asset inventor...; Question 171: A new vulnerability enables a type of malware that allows th...; Question 172: After failing an audit twice, an organization has been order...; Question 173: A user is attempting to patch a critical system, but the pat...; Question 174: Which of the following is a reason environmental variables a...; Question 175: During a SQL update of a database, a temporary field that wa...; Question 176: Which of the following attacks primarily targets insecure ne...; Question 177: After a security awareness training session, a user called t...; Question 178: While reviewing logs, a security administrator identifies th...; Question 179: Which of the following is an example of a certificate that i...; Question 180: A security analyst needs to improve the company's authentica...; Question 181: The Chief Information Security Officer wants to discuss opti...; Question 182: A software developer released a new application and is distr...; Question 183: A security analyst has determined that a security breach wou...; Question 184: Which of the following should a security operations center u...; Question 185: A company ' s end users are reporting that they are unable t...; Question 186: During the onboarding process, an employee needs to create a...; Question 187: A systems administrator needs to provide traveling employees...; Question 188: The physical security team at a company receives reports tha...; Question 189: A company plans to secure its systems by: Preventing users f...; Question 190: Which of the following best describes why me SMS DIP authent...; Question 191: An unknown source has attacked an organization's network mul...; Question 192: While reviewing a recent compromise, a forensics team discov...; Question 193: Which of the following would be the best ways to ensure only...; Question 194: Which of the following would help ensure a security analyst ...; Question 195: An organization has been experiencing issues with deleted ne...; Question 196: Which of the following techniques would identify whether dat...; Question 197: Which of the following can best contribute to prioritizing p...; Question 198: During a penetration test in a hypervisor, the security engi...; Question 199: Which of the following is the most likely motivation for a h...; Question 200: Which vulnerability is most likely mitigated by setting up a...; Question 201: Employees are missing features on company-provided tablets, ...; Question 202: Which of the following can be used to mitigate attacks from ...; Question 203: Which of the following prevents unauthorized modifications t...; Question 204: A manufacturing organization receives the results from a pen...; Question 205: A security analyst receives an alert that there was an attem...; Question 206: Which solution is most likely used in the financial industry...; Question 207: An employee in the accounting department receives an email c...; Question 208: Which of the following describes the category of data that i...; Question 209: Which of the following would be the greatest concern for a c...; Question 210: A technician needs to apply a high-priority patch to a produ...; Question 211: A user sends an email that includes a digital signature for ...; Question 212: Which of the following is prevented by proper data sanitizat...; Question 213: Which of the following is the best mitigation for a zero-day...; Question 214: A security analyst is reviewing the security of a SaaS appli...; Question 215: A security analyst scans a company ' s public network and di...; Question 216: Which of the following risk management strategies should an ...; Question 217: Which of the following is a benefit of an RTO when conductin...; Question 218: After reviewing the following vulnerability scanning report:...; Question 219: A company discovers suspicious transactions that were entere...; Question 220: Which of the following would be the best way to handle a cri...; Question 221: Which of the following is used to validate a certificate whe...; Question 222: Which of the following should an organization focus on the m...; Question 223: Which of the following would best allow a company to prevent...; Question 224: Which of the following activities should be performed first ...; Question 225: During a SQL update of a database, a temporary field used as...; Question 226: A security report shows that during a two-week test period. ...; Question 227: A security team is reviewing the findings in a report that w...; Question 228: A security team purchases a tool for cloud security posture ...; Question 229: Which of the following activities is included in the post-in...; Question 230: Which of the following would best explain why a security ana...; Question 231: Which of the following is most likely associated with introd...; Question 232: A government worker secretly copies classified files that co...; Question 233: Which of the following would most likely prevent exploitatio...; Question 234: A new employee logs in to the email system for the first tim...; Question 235: Which of the following actions could a security engineer tak...; Question 236: A Chief Information Security Officer (CISO) wants to explici...; Question 237: A security administrator protects passwords by using hashing...; Question 238: A visitor plugs a laptop into a network jack in the lobby an...; Question 239: A security analyst sees an increase of vulnerabilities on wo...; Question 240: Which of the following phases of an incident response involv...; Question 241: Which of the following are the best for hardening end-user d...; Question 242: You are security administrator investigating a potential inf...; Question 243: A company is currently utilizing usernames and passwords, an...; Question 244: A Chief Information Security Officer (CISO) has developed in...; Question 245: An administrator is installing an SSL certificate on a new s...; Question 246: An employee clicks a malicious link in an email that appears...; Question 247: Which of the following vulnerabilities is exploited when an ...; Question 248: The Cruel Information Security Officer (CISO) asks a securit...; Question 249: Which of the following is a common source of unintentional c...; Question 250: Which of the following is the most likely reason a security ...; Question 251: Which of the following tasks is typically included in the BI...; Question 252: Which of the following data types best describes an AI tool ...; Question 253: Which of the following is a qualitative approach to risk ana...; Question 254: Which of the following hardening techniques must be applied ...; Question 255: A company ' s Chief Information Security Officer (CISO) want...; Question 256: The Chief Information Security Officer wants to put security...; Question 257: A company has yearly engagements with a service provider. Th...; Question 258: Which of the following are the best methods for hardening en...; Question 259: Which of the following would best explain why a security ana...; Question 260: The internal audit team determines a software application is...; Question 261: A systems administrator is creating a script that would save...; Question 262: A software development manager wants to ensure the authentic...; Question 263: A security analyst is prioritizing vulnerability scan result...; Question 264: A security consultant needs secure, remote access to a clien...; Question 265: Which of the following should be used to select a label for ...; Question 266: A security analyst investigates an incident in which a Power...; Question 267: Which of the following should be used to ensure that a new s...; Question 268: An employee receives a text message from an unknown number c...; Question 269: A security officer is implementing a security awareness prog...; Question 270: A company is in the process of migrating to cloud-based serv...; Question 271: A company asks a vendor to help its internal red team with a...; Question 272: Which of the following is a technical security control?...; Question 273: Which of the following cryptographic methods is preferred fo...; Question 274: Which of the following would best prepare a security team fo...; Question 275: A Chief Information Security Officer would like to conduct f...; Question 276: The private key for a website was stolen, and a new certific...; Question 277: Which of the following security concepts is accomplished whe...; Question 278: An IT administrator needs to ensure data retention standards...; Question 279: During a routine audit, an analyst discovers that a departme...; Question 280: An administrator needs to perform server hardening before de...; Question 281: A security analyst determines that a security breach will ha...; Question 282: Which of the following is the most effective way to protect ...; Question 283: Which of the following is the main consideration when a lega...; Question 284: A company wants to use new Wi-Fi-enabled environmental senso...; Question 285: Which of the following describes an executive team that is m...; Question 286: A security administrator needs to reduce the attack surface ...; Question 287: A company is working with a vendor to perform a penetration ...; Question 288: Which of the following is a benefit of launching a bug bount...; Question 289: A security analyst learns that an attack vector, used as par...; Question 290: An organization is implementing a COPE mobile device managem...; Question 291: A security analyst is examining a penetration test report an...; Question 292: A company relies on open-source software libraries to build ...; Question 293: A company wants to ensure secure remote access to its intern...; Question 294: An organization maintains intellectual property that it want...; Question 295: Which of the following types of vulnerabilities involves att...; Question 296: The security operations center is researching an event conce...; Question 297: An analyst is evaluating the implementation of Zero Trust pr...; Question 298: Which of the following roles, according to the shared respon...; Question 299: Which of the following best represents how frequently an inc...; Question 300: Which of the following mitigation techniques would a securit...; Question 301: A systems administrator is creating a script that would save...; Question 302: An organization is leveraging a VPN between its headquarters...; Question 303: A user would like to install software and features that are ...; Question 304: A company performs a risk assessment on the information secu...; Question 305: While conducting a business continuity tabletop exercise, th...; Question 306: Which of the following is the best way to prevent an unautho...; Question 307: Which of the following best describes the concept of informa...; Question 308: A company wants to minimize the chance of its outgoing marke...; Question 309: A company is implementing a vendor ' s security tool in the ...; Question 310: Which of the following would best ensure a controlled versio...; Question 311: Which of the following describes the reason for using an MDM...; Question 312: Which of the following is a feature of a next-generation SIE...; Question 313: A nation-state attacker gains access to the email accounts o...; Question 314: Which of the following activities would involve members of t...; Question 315: Which of the following is a social engineering attack in whi...; Question 316: While troubleshooting a firewall configuration, a technician...; Question 317: The Chief Information Security Officer (CISO) has determined...; Question 318: Which of the following is the best safeguard to protect agai...; Question 319: Which of the following can best protect against an employee ...; Question 320: A security analyst investigates abnormal outbound traffic fr...; Question 321: A network security analyst monitors the network's IDS, which...; Question 322: Sine a recent upgrade (o a WLAN infrastructure, several mobi...; Question 323: A growing organization, which hosts an externally accessible...; Question 324: A security team is setting up a new environment for hosting ...; Question 325: A company needs to determine whether authentication weakness...; Question 326: An organization designs an inbound firewall with a fail-open...; Question 327: A security consultant is working with a client that wants to...; Question 328: An organization wants a third-party vendor to do a penetrati...; Question 329: A security practitioner completes a vulnerability assessment...

Question 321/329

LEAVE A REPLY

Download PDF File