A security analyst is conducting a post-incident log analysis to determine which indicators can be used to detect further occurrences of a data exfiltration incident. The analyst determines backups were not performed during this time and reviews the following: Which of the following should the analyst review to find out how the data was exfiltrated?

Questions › Category: CS0-002 › A security analyst is conducting a post-incident log analysis to determine which indicators can be used to detect further occurrences of a data exfiltration incident. The analyst determines backups were not performed during this time and reviews the following: Which of the following should the analyst review to find out how the data was exfiltrated?

0 Vote Up Vote Down

Admin Staff asked 6 months ago

A security analyst is conducting a post-incident log analysis to determine which indicators can be used to detect further occurrences of a data exfiltration incident. The analyst determines backups were not performed during this time and reviews the following:
 
Which of the following should the analyst review to find out how the data was exfiltrated?

A. Monday's logs

B. Tuesday's logs

C. Wednesday's logs

D. Thursday's logs








 

Suggested Answer: C

Community Answer: D



This question is in CS0-002 CompTIA Cybersecurity Analyst (CySA+) Exam
For getting CompTIA Cybersecurity Analyst (CySA+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.

A security analyst is attempting to utilize the following threat intelligence for developing detection capabilities: In which of the following phases is this APT most likely to leave discoverable artifacts?

An email analysis system notifies a security analyst that the following message was quarantined and requires further review. From: CEO@CompTIA.org

AZ-104 Practice Test Free

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password

A security analyst is attempting to utilize the following threat intelligence for developing detection capabilities: In which of the following phases is this APT most likely to leave discoverable artifacts?

An email analysis system notifies a security analyst that the following message was quarantined and requires further review. From: CEO@CompTIA.org

AZ-104 Practice Test Free

Related Questions

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password