CompTIA CySA+ CS0-003 (V3) Practice Question
During an investigation you receive the following excerpt from a centralized log ingestion system. Management wants to know which user generated the first failed login attempt that occurred after 08:30:00Z. Review the XML and identify the correct username:
<Log>
<Entry>
<Timestamp>2023-10-12T08:29:45Z</Timestamp>
<EventType>LoginAttempt</EventType>
<UserDetail>
<Username>asmith</Username>
<IPAddress>192.168.1.10</IPAddress>
<Success>false</Success>
</UserDetail>
</Entry>
<Entry>
<Timestamp>2023-10-12T08:30:15Z</Timestamp>
<EventType>LoginAttempt</EventType>
<UserDetail>
<Username>jdoe</Username>
<IPAddress>192.168.1.11</IPAddress>
<Success>true</Success>
</UserDetail>
</Entry>
<Entry>
<Timestamp>2023-10-12T08:31:05Z</Timestamp>
<EventType>LoginAttempt</EventType>
<UserDetail>
<Username>jbrown</Username>
<IPAddress>192.168.1.12</IPAddress>
<Success>false</Success>
</UserDetail>
</Entry>
<Entry>
<Timestamp>2023-10-12T08:33:00Z</Timestamp>
<EventType>LoginAttempt</EventType>
<UserDetail>
<Username>mmiller</Username>
<IPAddress>192.168.1.13</IPAddress>
<Success>false</Success>
</UserDetail>
</Entry>
</Log>
jbrown
jdoe
mmiller
asmith
CompTIA CySA+ CS0-003 (V3)
Security Operations
Your Score:
SAVE $51
SAVE $57
$474.00 $417.00
Bash, the Crucial Exams Chat Bot
AI Bot