CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA Security+ SY0-601 Practice Question

As an incident responder, you are tasked with investigating an alert that indicates a possible unauthorized access to a server. Upon reviewing the server's logs, you notice numerous failed login attempts followed by a successful login at an unusual time of night. What type of activity is MOST likely being logged, and which security control should be assessed for potential improvement?

  • This logging pattern is typical during a system update, and scheduled maintenance procedures should be reviewed.

  • This pattern of activity in the logs suggests a possible insider threat, and user retraining is necessary.

  • The logs indicate a brute-force attack; the account lockout policy should be reassessed.

  • The successful login at an unusual time suggests the need for tighter egress filtering controls.

This question's topic:
CompTIA Security+ SY0-601 / 
Operations and Incident Response
Your Score:
Operations and Incident Response
Attacks, Threats, and Vulnerabilities
Architecture and Design
Implementation
Governance, Risk, and Compliance