Your company has recently deployed endpoint detection and response (EDR) solutions across the organization. As a security analyst, you are reviewing the endpoint logs and notice several hundred login attempts that were successful after multiple failures from the same IP address. What is the MOST likely security issue these logs indicate?
A large number of failed login attempts followed by a successful login from the same IP address is a strong indicator of a brute force attack, in which an attacker systematically tries different passwords or passphrases in the hope of eventually guessing correctly. The other options, although plausible under different circumstances, do not align as closely with the specific pattern of login attempts described in the question.