اختبار شهادة محلل الأمن السيبراني CompTIA CySA+

السؤال 408 من 1040

كل الأسئلة

تنبيه مهم

هذه الصفحة مخصصة للأرشفة وظهور السؤال في نتائج البحث فقط، وليست التجربة الفعلية للاختبار.

The SOC received a threat intelligence notification indicating that an employee's credentials were found on the dark web. The user's web and log-in activities were reviewed for malicious or anomalous connections, data uploads/downloads, and exploits. A review of the controls confirmed multifactor authentication was enabled. Which of the following should be done first to mitigate impact to the business networks and assets?

A Perform a forced password reset.
B Communicate the compromised credentials to the user.
C Perform an ad hoc AV scan on the user's laptop.
D Review and ensure privileges assigned to the user's account reflect least privilege.
E Lower the thresholds for SOC alerting of suspected malicious activity.

السؤال السابق

السؤال التالي

لا توجد نقاشات منشورة لهذا السؤال حالياً.