CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA Security+ SY0-601 Practice Question

As an incident responder, you are tasked with investigating an alert that indicates a possible unauthorized access to a server. Upon reviewing the server's logs, you notice numerous failed login attempts followed by a successful login at an unusual time of night. What type of activity is MOST likely being logged, and which security control should be assessed for potential improvement?

  • The successful login at an unusual time suggests the need for tighter egress filtering controls.

  • The logs indicate a brute-force attack; the account lockout policy should be reassessed.

  • This pattern of activity in the logs suggests a possible insider threat, and user retraining is necessary.

  • This logging pattern is typical during a system update, and scheduled maintenance procedures should be reviewed.

Subscribe to avoid duplicate questions and track your progress over time

Your Score:
Operations and Incident Response
Architecture and Design
Implementation
Governance, Risk, and Compliance
Attacks, Threats, and Vulnerabilities
CompTIA Security+ SY0-601
  • Attacks, Threats, and Vulnerabilities
  • Architecture and Design
  • Implementation
  • Operations and Incident Response
    • This question is filed here
  • Governance, Risk, and Compliance