CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

A cybersecurity analyst notices multiple new user accounts have been created on a company's Active Directory within a very short period. All accounts follow a similar naming convention and were created by an administrator account that usually does not perform this task. Which of the following would be the BEST step for the analyst to take in order to determine if this activity is malicious?

  • Investigate the credentials and recent activity of the administrator account in question.

  • Analyze current threat intelligence reports to check for similar activity patterns.

  • Increase the network bandwidth to handle the additional load introduced by new users.

  • Immediately disable the newly created accounts until they can be verified.

This question is for objective:
Security Operations
Your Score:
Security Operations
Vulnerability Management
Incident Response and Management
Reporting and Communication