Free CompTIA Security+ SY0-701 Practice Question

During a review of system logs, a security analyst notices an increase in off-hours log entries for a service account. This account is associated with a third-party vendor's update process, which runs monthly maintenance. Which of the following actions should the analyst undertake FIRST to determine if these out-of-cycle log entries are of concern?

  • Investigate the identity and access management policy for potential unauthorized modifications concerning service accounts.

  • Analyze the log entries to identify the types of operations performed and if they deviate from known patterns.

  • Correlate the log entries with user badge access records to establish a pattern of physical access during off-hours.

  • Physically inspect the system where the service account credentials are stored to check for tampering.

  • Conduct a user interview to discuss the actions the third-party vendor has performed during the off-hours.

  • Validate the log entries against the third-party vendor's documented update schedule.

This question's topic: CompTIA Security+ SY0-701 / Threats, Vulnerabilities, and Mitigations