Question 56
The Chief Information Security Officer for an organization recently received approval to install a new EDR solution. Following the installation, the number of alerts that require remediation by an analyst has tripled.
Which of the following should the organization utilize to best centralize the workload for the internal security team? (Select two).
Question 57
A security analyst received an alert regarding multiple successful MFA log-ins for a particular user When reviewing the authentication logs the analyst sees the following:
Which of the following are most likely occurring, based on the MFA logs? (Select two).
Question 58
A cloud team received an alert that unauthorized resources were being auto-provisioned. After investigating, the team suspects that crypto mining is occurring. Which of the following indicators would most likely lead the team to this conclusion?
.
Question 59
A company brings in a consultant to make improvements to its website. After the consultant leaves. a web developer notices unusual activity on the website and submits a suspicious file containing the following code to the security team:
Which of the following did the consultant do?
Question 60
After updating the email client to the latest patch, only about 15% of the workforce is able to use email.
Windows 10 users do not experience issues, but Windows 11 users have constant issues. Which of the following did the change management team fail to do?
