Crucial Exams

CompTIA Security+ SY0-701 Practice Question

During a review of system logs, a security analyst notices an increase in log entries off-hours for a service account. This account is associated with a third-party vendor's update process, which runs monthly maintenance. Which of the following actions should the analyst undertake FIRST to determine if these out-of-cycle log entries are of concern?

  • Investigate the identity and access management policy for potential unauthorized modifications concerning service accounts.

  • Correlate the log entries with user badge access records to establish a pattern of physical access during off-hours.

  • Physically inspect the system where the service account credentials are stored to check for tampering.

  • Analyze the log entries to identify the types of operations performed and if they deviate from known patterns.

  • Conduct a user interview to discuss the actions the third-party vendor has performed during the off-hours.

  • Validate the log entries against the third-party vendor's documented update schedule.

CompTIA Security+ SY0-701
Threats, Vulnerabilities, and Mitigations
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
SAVE $49
CompTIA Security+ Voucher (SY0-701)
$404.00 $355.00
Bash, the Crucial Exams Chat Bot
AI Bot